https no longer working - post windows update.


This past weekend, I applied the following MS security fixes:

Successful 25 April 2004 Security Update for Windows 2000 (KB835732) Automatic update
Successful 25 April 2004 Security Update for Windows 2000 (KB828741) Automatic update
Successful 25 April 2004 Security Update for Windows 2000 (KB837001) Automatic update
Successful 24 April 2004 Critical Update for Internet Explorer 6 Service Pack 1 (KB831167) Automatic update
Successful 24 April 2004 Cumulative Security Update for Outlook Express 6 Service Pack 1 (KB837009) Automatic update

It would appear that having done this, our ability to use owa on port 443 (https://) has vanished.

now, when we type the usual url, we get the usual "This page cannot be displayed" in IE

I've tried it locally, with the same results.

The only thing I can see is this in the event viewer:

Event Type:      Error
Event Source:      Schannel
Event Category:      None
Event ID:      36871
Date:            28/04/2004
Time:            08:02:24
User:            N/A
Computer:      MAIN-SERVER
A fatal error occurred while creating an SSL server credential.

I cant find any information on this error, and it's causing me alot of trouble, as we have alot of managers away at the moment, unable to view their mail because the mean IT manager wont open port 80 for them.

Please help !

Note: We signed our own certificate; It's in date, no problems there.

Thanks in advance

Who is Participating?
Computer101Connect With a Mentor Commented:
PAQed, with points refunded (500)

E-E Admin
This is caused by the installation of - see;en-us;261328 ("Cipher Strength Appears as 0-Bit in Internet Explorer") that describes how to fix that problem.
shandscombAuthor Commented:
That first url is in german, which I dont speak / read - I will try to find the english version.

From looking at the second url, it seems to imply that it's a client error.;

To clarify, it's a windows 2000 Server that im using for Outlook Web Access via https.

Any client in the outside world is having this problem, therefore (IMO) meaning that its something server side ?

I'm sorry if I've misinterpreted your reply.

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

>>That first url is in german, which I dont speak

Ooops, sorry, the english version is at
Have you confirmed that the OWA is still configured to use SSL in IIS snap in.
See the cause and resolution...

Hope this helps... ;-)
shandscombAuthor Commented:
It was a virus / trojan !

I used TCPView to find the program listening (ntoskrnl.exe of 704KB) and a google search gave me:

And this is the excerpt:

"Found a virus (or a trojan) this morning on two web servers that had been put on servers over the weekend. This virus/trojan disabled the port 443 (SSL) web sites on these two boxes. It was listening on port 443 and another 1489 or somesuch port. I found it using fport.exe to be a file called ntoskrnl.exe. It had installed itself as a service called MS Windows Update, running as SYSTEM. So, I killed the process and moved off the file. Instead of 1660 KB, the file was 704KB, and it was in a different directory c:\winnt\system32\config. Once the service was disabled, IIS had no problem taking the port back.
These two servers had not had the patches that came from Microsoft last week (week before?), and I'm supposing that that was the entry point for this particular bug. I'm still looking through the bug to see what I can see, but it's an executable, so full analysis will be tough, and I probably don't have the time for it."

Problem solved.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.