Our master/slave servers are unable to sync after SSL certificates were installed and then removed, what is this down to?

1

We have two servers with Rackspace running IIS 8, a master and slave. Previously the master would sync with the slave through the method described here:

https://community.rackspace.com/products/f/25/t/641

The above was installed by a very nice man at Rackspace a couple of years ago, despite it not being part of his mandate. Unfortunately, Rackspace don't offer any support for it, and the very nice man has now left. It has worked fine up until now; there is a batch file that runs every hour and updates from master to slave.

Recently we installed SSL certificates for these servers. Initially they were installed via IIS on both servers; however, we came to realise it was a better idea to remove them and install the SSL on the load balancer. During the process of doing this, it appears we've messed up a certificate which was allowing the two servers to communicate. When I run the batch file that usually syncs the servers in PowerShell, I see multiple instances of the following warning:

WARNING: skipping source cert  ("sequence of letters and numbers appear here")
because of rule skipinvalidsource.  No certificate found in store
My with has "same sequence of letters and numbers"

followed by:

Sync-WDServer: An error occurred when the request was processed on the
remote computer.  A specified logon session does not exist.  It may
already have been terminated (Exception from HRESULT: 0x80070520)

Unfortunately, none of us know how this syncing worked in the first place. I understand from the article above that a logon is required on both servers, but nothing has happened to any logons, so I don't suspect that is the problem. It seems some certificate might have gotten deleted somehow when the SSLs were being removed, in which case can anyone advise how we can repair/replace the certificate, or even which certificate it is?

Any advice regarding the issue would be appreciated.

iis
windows-server-2012
ssl-certificate
certificate
synchronization
asked on Server Fault Mar 31, 2017 by Rob • edited Apr 9, 2017 by hayalci

1 Answer

1

As it turned out, the problem was created by installing the SSLs on our servers. When doing so, we had created a binding on the default website for port 443. As the SSL is on the load balancer, this isn't required, and this binding seemingly wanted an associated certificate to be 'copied' over or found when syncing between servers. Removing the binding from the default website in IIS on both servers solved the issue.

answered on Server Fault Mar 31, 2017 by Rob
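
A way to check for the condition the answer describes, as an added example that is not part of the original post: it lists every https binding in IIS and reports whether the certificate the binding references still exists in the local machine store, which is what the "No certificate found in store" warning points at. It assumes an elevated PowerShell session with the WebAdministration module available; the function name `Get-HttpsBindingCertStatus` is hypothetical, and `Default Web Site` is assumed to be the name of the default website.

```powershell
# Added example: audit IIS https bindings for certificates missing from the store.
Import-Module WebAdministration

function Get-HttpsBindingCertStatus {
    foreach ($site in Get-Website) {
        foreach ($b in Get-WebBinding -Name $site.Name -Protocol https) {
            $hash  = $b.certificateHash
            # An https binding with no store name recorded is looked up in 'My' here.
            $store = if ($b.certificateStoreName) { $b.certificateStoreName } else { 'My' }

            # A binding with no thumbprint, or one whose thumbprint is no longer
            # in the store, is left over from a removed certificate.
            $found = $false
            if ($hash) {
                $found = Test-Path -Path "Cert:\LocalMachine\$store\$hash"
            }

            [pscustomobject]@{
                Site        = $site.Name
                Binding     = $b.bindingInformation
                Store       = $store
                Thumbprint  = $hash
                CertInStore = $found
            }
        }
    }
}

# Run on both the master and the slave; rows with CertInStore = False are the suspects.
Get-HttpsBindingCertStatus | Format-Table -AutoSize

# If TLS terminates on the load balancer and the binding is not needed,
# preview its removal first. Drop -WhatIf to apply the change.
Remove-WebBinding -Name 'Default Web Site' -Protocol https -Port 443 -WhatIf
```

Run the report before and after removing the binding; once no https binding references a missing certificate, run the sync batch file again to confirm the warning is gone.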

User contributions licensed under CC BY-SA 3.0