• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 8011
  • Last Modified:

SSL Cert not working, error = Data Transfer Interrupted

I have a server running IIS6, the site works properly when using http, but not https. The error Data Transfer Interrupted is displayed whenever a page is loaded. The url is; https://armadainsurance.ca

The server cert install appeared to go smoothly. The site has been assigned 216.234.57.91.

Any ideas about the cause of the problem?
0
eoszlak
Asked:
eoszlak
1 Solution
 
eoszlakAuthor Commented:
The problem appears to be related to the fact that when the cert was installed; no private key was assigned or created. How do I get the private key?
0
 
pcsmitpraCommented:
Are you getting any cert related error in event viewer? If yes, try this with your error codes : C:\>certutil -error 2148204801 0x800b0101 (-2146762495) -- 2148204801 (-2146762495)
0
 
eoszlakAuthor Commented:
Hi, the case is now resolved. For some reason which is unknown, when the cert request file was created the connection to the private key may have been "lost". I worked with Microsoft and used the following command to restore the key; certutil -repairstore.

Once that ran the key became associated with the cert and the site worked properly.

Thx
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
eoszlakAuthor Commented:
BTW, there were no cert related errors in the event log. I find it odd that I do not recall any reference to the private key in any setup documents that advise on how to get a ssl cert working properly in IIS6.
0
 
khusroksCommented:
I had the same problem.  Couldn't figure out how to use certutil -repairstore as described above since it doesn't seem to be documented anywhere, so I just ditched and re-created the website in IIS, removed the cert from the old site, applied it to the new site, and I'm back in business.  The typical Microsoft etch-a-sketch solution: start over.
0
 
ParanormasticCryptographic EngineerCommented:
CertUtil [Options] -repairstore CertificateStoreName CertId

CertStoreName is usually going to be "Root" or "My" (My = Personal)

CertId can be a few things, but for simplicity just use the serial number of the cert.

The [options] can be used to specify -user for user stores, or -enterprise for local machine stores.

Some potentially useful links:
http://support.microsoft.com/kb/842210
http://support.microsoft.com/kb/889651
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now