Exchange ECP log-in loops back to log-in after entering credentials.

j_rameses
j_rameses used Ask the Experts™
on
Greetings.
I recently updated our SSl certificate on Exchange 2016.
Upon ding so, I lost connectivity to my ECP portal.
All I get when I login in is a reloop back to login again.
I have tried checking the certificate and settings but they look good as per my understanding.
I am not an Exchange Guru and this is the first time I encountered this issue.
I do need this resolved so I can add new users to our environment.
I could do it from our other Exchange Server in the DAg, but I do not want to go that route.
Reason being is that the issue will still be there: relooping after attempting to login.
I do can use OWA but not ECP.
I am running windows 2012 R2 as the OS for Exchange 2016.

I checked the settings in "default website" the bindings and they are correct pointing to the correct certificate.
I restarted the service on IIS in application pools called "MSExchangeECPAppPool", but to no avail.

Thank you for your attention.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Server engineer
Commented:
Check the exchange backend website binding and make sure the new certificate is binded on 443 and also check the default website for certificate bindings.

If certificate is not binded on backend website add the same and reset IIS.
j_ramesesInfo Sys Mngr

Author

Commented:
Saif, thank you for your response.
So I should confirm that the settings from binding from my "exchange backend website" settings should match the "Default website"?
Saif ShaikhServer engineer

Commented:
yes even if you have a valid self-signed cert binded to exchange backend then its fine, but you can keep the same third party doesn't matter.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

j_ramesesInfo Sys Mngr

Author

Commented:
Therefore both should match identically?
defaultwebsiteBindings1.JPG
ExchangeWebsiteBindings1.JPG
Saif ShaikhServer engineer

Commented:
NONNONONO

Click on edit 443 on default website and you should see a view tab and there you will be able to see the cert.

Also click on edit 444 on backend website and you should see a view tab and there you will be able to see the cert.
j_ramesesInfo Sys Mngr

Author

Commented:
when I attempt to change the port from 444 to 443 on "https" on "exchange backend" I get the below error message.
error-message-uon-changing-port-numb.JPG
j_ramesesInfo Sys Mngr

Author

Commented:
I see the certificate since I changed it.
bindings-of-exchange-backend.JPG
Saif ShaikhServer engineer

Commented:
Do not attempt to change any ports, just see if port 443 on default website and port 444 on exchange backend has the correct cert.
j_ramesesInfo Sys Mngr

Author

Commented:
Saif, thank you.
I added the correct cert on the ports for exchange backend server.
Afterwards I restarted the IIS services/server.
Once that completed, I know have access to my ecp.

I will have to put this in my notes for when I have to update the cert again in years time from now.

Thank you for your assistance.
Saif ShaikhServer engineer

Commented:
Good to see the issue is resolved. You are welcome.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial