Solved

https no longer working - post windows update.

Posted on 2004-04-28
10
142 Views
Last Modified: 2010-04-13
L&G,

This past weekend, I applied the following MS security fixes:

Successful 25 April 2004 Security Update for Windows 2000 (KB835732) Automatic update
Successful 25 April 2004 Security Update for Windows 2000 (KB828741) Automatic update
Successful 25 April 2004 Security Update for Windows 2000 (KB837001) Automatic update
Successful 24 April 2004 Critical Update for Internet Explorer 6 Service Pack 1 (KB831167) Automatic update
Successful 24 April 2004 Cumulative Security Update for Outlook Express 6 Service Pack 1 (KB837009) Automatic update

It would appear that having done this, our ability to use owa on port 443 (https://) has vanished.

now, when we type the usual url, we get the usual "This page cannot be displayed" in IE

I've tried it locally, with the same results.

The only thing I can see is this in the event viewer:

Event Type:      Error
Event Source:      Schannel
Event Category:      None
Event ID:      36871
Date:            28/04/2004
Time:            08:02:24
User:            N/A
Computer:      MAIN-SERVER
Description:
A fatal error occurred while creating an SSL server credential.

I cant find any information on this error, and it's causing me alot of trouble, as we have alot of managers away at the moment, unable to view their mail because the mean IT manager wont open port 80 for them.

Please help !

Note: We signed our own certificate; It's in date, no problems there.

Thanks in advance

Steve
0
Comment
Question by:shandscomb
  • 2
  • 2
  • 2
  • +2
10 Comments
 
LVL 86

Expert Comment

by:jkr
Comment Utility
This is caused by the installation of http://www.microsoft.com/germany/ms/technetservicedesk/bulletin/bulletinMS04-011.htm - see http://support.microsoft.com/default.aspx?scid=kb;en-us;261328 ("Cipher Strength Appears as 0-Bit in Internet Explorer") that describes how to fix that problem.
0
 
LVL 1

Author Comment

by:shandscomb
Comment Utility
That first url is in german, which I dont speak / read - I will try to find the english version.

From looking at the second url, it seems to imply that it's a client error.;

To clarify, it's a windows 2000 Server that im using for Outlook Web Access via https.

Any client in the outside world is having this problem, therefore (IMO) meaning that its something server side ?

I'm sorry if I've misinterpreted your reply.

0
 
LVL 86

Expert Comment

by:jkr
Comment Utility
>>That first url is in german, which I dont speak

Ooops, sorry, the english version is at http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx
0
 
LVL 7

Expert Comment

by:msice
Comment Utility
Have you confirmed that the OWA is still configured to use SSL in IIS snap in.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 7

Expert Comment

by:shahrial
Comment Utility
See the cause and resolution...
http://support.microsoft.com/default.aspx?kbid=831167

Hope this helps... ;-)
0
 
LVL 7

Expert Comment

by:shahrial
Comment Utility
0
 
LVL 1

Author Comment

by:shandscomb
Comment Utility
It was a virus / trojan !

I used TCPView to find the program listening (ntoskrnl.exe of 704KB) and a google search gave me:

http://rgautier.tripod.com/2004_04_25_blogchive.html

And this is the excerpt:

"Found a virus (or a trojan) this morning on two web servers that had been put on servers over the weekend. This virus/trojan disabled the port 443 (SSL) web sites on these two boxes. It was listening on port 443 and another 1489 or somesuch port. I found it using fport.exe to be a file called ntoskrnl.exe. It had installed itself as a service called MS Windows Update, running as SYSTEM. So, I killed the process and moved off the file. Instead of 1660 KB, the file was 704KB, and it was in a different directory c:\winnt\system32\config. Once the service was disabled, IIS had no problem taking the port back.
These two servers had not had the patches that came from Microsoft last week (week before?), and I'm supposing that that was the entry point for this particular bug. I'm still looking through the bug to see what I can see, but it's an executable, so full analysis will be tough, and I probably don't have the time for it."

Problem solved.

Steve
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
Comment Utility
PAQed, with points refunded (500)

Computer101
E-E Admin
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
This video discusses moving either the default database or any database to a new volume.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now