Avatar of Tessando
Flag for United States of America asked on

Fixing HTTPEVENT Event Viewer Error 15021 on Windows Server 2016

I have two identical Windows Server 2016 Servers that are getting the same error in the Event Viewer.

This is the error they are getting:

Event ID: 15021
An error occurred while using SSL configuration for endpoint  The error status code is contained within the returned data.

Open in new window

Using this command: netsh http show sslcert I was able to  get these results:

SSL Certificate bindings:
    IP:port                      :     Certificate Hash             : 5ee55ad9d99bc3a8167b79cb089bd5ab77075934     Application ID               : {4dc3e181-e14b-4a21-b022-59fc669b0914}     Certificate Store Name       : My     Verify Client Certificate Revocation : Enabled     Verify Revocation Using Cached Client Certificate Only : Disabled     Usage Check                  : Enabled     Revocation Freshness Time    : 0     URL Retrieval Timeout        : 0     Ctl Identifier               : (null)     Ctl Store Name               : (null)     DS Mapper Usage              : Disabled     Negotiate Client Certificate : Disabled     Reject Connections           : Disabled     Disable HTTP2                : Not Set

Open in new window

Unfortunately this doesn't give me any specifics. 

I often use Wildcard SSL's and I have scoured all the sites in IIS and every Certificate is valid.

How can I resolve this so that the issue is solved and the HTTPEvent Error is no longer showing in the Event Viewer?


Windows OSWindows Server 2016Windows 10Azure

Avatar of undefined
Last Comment

8/22/2022 - Mon
Michael B. Smith

Examine all the certs in the certificates MMC.

Ah, good call Michael. I've got three expired Certs via the Certificates MMC (e.g.Certificates -> Personal -> Certificates). They aren't for sites in IIS, rather adding a Trust for External Root CA:

AddTrust External CA Root
COMODO RSA Certification Authority
USERTrust RSA Certification Authority

I do not see any duplicates for the Wildcard SSLs. Should I go ahead and remove all expired certs from this location?


Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Your help has saved me hundreds of hours of internet surfing.