Tuesday, August 14, 2012

IIS Manager Error: A specified logon session does not exist. It may already have been terminated.

Last week I was configuring a TFS 2012 server to support https. I installed a wildcard SSL certificate on our Windows 2008 Server trying to install a wildcard SSL cert.  I launched the Certificate Snap-in inside MMC and placed the SSL certificate into the local computer repository without problems.

But when I opened the IIS manager to use this certificate, the problems started. I wanted to enable SSL for the TFS website, so I selected the web site and choose the Bindings option from the action menu.

image

The site bindings window was loaded. I clicked Add… to add a new binding and choose https from the Type dropdown.

image

But when I tried to select the certificate from the SSL certificate dropdown, I got the following error message:

A specified logon session does not exist. It may already have been terminated. (Exception from HRESULT: 0x80070520)

I could click OK but the binding didn’t work.

On the IIS forums I found the following post mentioning two possible solutions:

  • Deleting the certificate and reinstalling it via mmc certificate snap-in
  • Installing the certificate with ‘Mark exportable’ is true

I already used the first option, so I tried the second solution and it worked!

Remark: In the same post someone mentions that making your private key exportable is a security risk. So if someone has a better solution, feel free to let me know.

1 comment:

Lawton said...

I had a similar scenario and fixed it without having to mark my certificate as allowed to be exportable. See my answer on StackOverflow: http://stackoverflow.com/questions/14953132/iis-7-error-a-specified-logon-session-does-not-exist-it-may-already-have-been/25854919#25854919