Cannot bind a new certificate in IIS on EV server with error "A specified logon session does not exist. It may already have been terminated. (Exception from HRESULT: 0x80070520)"
Problem
Cannot bind a new certificate in IIS on EV server with error "A specified logon session does not exist. It may already have been terminated. (Exception from HRESULT: 0x80070520)"
Error Message
While selecting the new certificate in 443 IIS binding on EV server we can see below error
There was an error while performing this operation.
Details:
A specified logon session does not exist. It may already have been terminated. (Exception from HRESULT: 0x80070520)
Cause
The installed certificate might be corrupt, so it needs to be re-imported
Solution
Note: the steps below involves deleting the EV server's certificate from the certificate store. Care should be taken to ensure the correct certificate is chosen for deletion. Also please ensure that a good copy of the certificate is available in .pfx format before starting the procedure.
- From the Start screen, type and then click Run.
- In the Run window, in the Open box, type mmc and then, click OK.
- In the User Account Control window, click Yes to allow the Microsoft Management Console to make changes to the computer.
- In the Console window, in the menu at the top, click File > Add/Remove Snap-in.
- In the Add or Remove Snap-ins window, under Available snap-ins (left side), click Certificates and then, click Add.
- In the Certificates snap-in window, select Computer account and then, click Next.
- In the Select Computer window, select Local computer: (computer this console is running on), and then, click Finish.
- In the Console window, in the Console Root section, expand Certificates (Local Computer).
- Expand the Personal folder and then, find the affected certificate and right click delete the same
- Now right click on the same place, All Tasks > Import to open the Certificate Import Wizard.
- On the Welcome to the Certificate Import Wizard page, click Next.
- Follow the instructions in the certificate import wizard to import your primary certificate from the .pfx file.
- Mark the certificate as re-exportable and enter password if it is set to the certificate
Note: On the Certificate Store page, select Automatically select the certificate store based on the type of certificate.
- On the Completing the Certificate Import Wizard page, verify your settings and then, click Finish.
- A message stating The import was successful should be shown.
- Restart the IIS service and reopen the IIS manager window.
- Should now be able to bind the new certificate to 443 binding in IIS.
Note: If errors continue to occur they should be investigated with Microsoft.
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.