The following error occur when attempting to bind SSL certificate using Microsoft IIS 7.0 or 7.5 server.
A specified logon session does not exist. It may already have been terminated. (Exception from HRESULT: 0x80070520)
This error may occur if the following condition is true from installing certificate file (.pfx) to a load balancing Microsoft IIS 7.0 or 7.5 servers.
- When importing a certificate file (.pfx) through IIS Manager, the option box to "Allow this certificate to be exported" is uncheck.
To successfully bind the SSL certificate to a website through IIS Manager, perform the following steps.
Step 1: Create a Microsoft Management Console (MMC) Snap-in for managing certificates
Create a Microsoft Management Console (MMC) Snap-in for managing certificates, refer to solution SO1849
Step 2: Delete the installed SSL certificate
- With the MMC and the Certificates snap-in open, expand the Personal > Certificates folder.
- Right click on the certificate > Delete
- Click Yes
Step 3: Import certificate (.pfx) file using Microsoft Management Console (MMC) Snap-in for managing certificates
- With the MMC and the Certificates snap-in open, double click on Certificates (Local Computer) in the center window.
- Right click on the Personal Certificates Store (folder)
- Choose > ALL TASKS > Import
- Follow the Certificate Import Wizard to import your .pfx file. You will need to browse for .pfx file.
- Enter the password that was used when exporting the certificate to a .pfx file.
- If desired, check the box to "Mark this key as exportable."
- When prompted, choose to automatically place the certificates in the certificate stores based on the type of the certificate.
- Click Finish to close the certificate wizard.
- Close the MMC console. In the case that you are prompted, it is not necessary to save the changes made to the MMC console.
Step 4: Binding certificate to the web site
- Click Start > Administrative Tools > Internet Information Services (IIS) Manager
- Browse to your server name > Sites > Your SSL-based site
- In the Actions pane, click Bindings...
- In the Site Bindings window, If there is no existing https binding, choose Add and change Type from HTTP to HTTPS.
Note: If there is already a https binding, select it and click Edit.
- From the SSL Certificate drop-down, Select the Friendly Name for the SSL certificate that will be used for this site.
- Click OK
Step 5: Verify certificate installation
- To verify the SSL certificate installation, use the Thawte Certificate Installation Checker
- In some cases, you may need to Stop and start your Web server prior to any testing.
Note: The changes may not take place after restarting IIS Services and a re-boot is needed.
Thawte has made efforts to ensure the accuracy and completeness of the information in this document. However, Thawte makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. Thawte assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document. Further, Thawte assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. Thawte reserves the right to make changes to any information herein without further notice.