Event ID 15300 (SSL Certificate Settings deleted)

[IIS]

The error message below is displayed in the Event Viewer when the IIS binding is deleted unexpectedly or the SSL certificate in the IIS binding is replaced or removed.



Event ID 15300
SSL Certificate Settings deleted for endpoint







This issue may occur when there is a legacy SSL certificate hash property in the applicationHost.config file (Reference 1, Reference 2). In order to solve it, search for an entry similar to the one below and remove it.





<key path="LM/W3SVC/X"> <property id="5506" dataType="Binary" userType="1" attributes="None" value="oXiHOzFAMOF0YxIuI7soWvDFEzg=" /></key>







If it doesn’t work, there are a few more things to check:

• If there is an antivirus software in the server, disable it and try to reproduce the issue (Look for especially HIPS feature)
• This issue occurs when the wildcard certificate has been imported without marking the keys as exportable. If that’s the case, uninstalled the certificate and import it back again with marking the keys as exportable
• If System Center Virtual Machine Manager Agent is enabled in the server, disable it and try to reproduce the issue
• Another process might be using 443 port in the server. Check the ports being listened
• Disable the insecure protocols protocols if they are enabled. Registry settings are below

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client







If it’s an Azure Cloud Service, you will need to have access to Visual Studio solution to implement a valid certificate.

Continue reading...