Friday, May 22, 2015

Exchange 2013 Blank ECP/OWA Screen, Showing Event ID 15021 HttpEvent System Log

I hit this one today after switching out an expired UCC certificate on two Exchange 2013 servers in a DAG.  Both the ECP/OWA screens after login just went to a white page and never load.  The servers were both showing hundreds of ID 15021 in the system event log that says "An error occurred while using SSL configuration for endpoint 0.0.0.0:444.  The error status code is contained within the returned data."

Here's the steps to fix it:

1. Open a command prompt.

2. Enter netsh http show sslcert  This will show the certs on the server.  Copy and paste this information into notepad.  Copy this info "IP: port: 127.0.0.1:443".  Note that this information contains the certificate hash and the application ID.  This is the information needed.

3.  Run this command:  netsh http delete sslcert ipport=0.0.0.0:444

4.  Next run this command:  netsh http add sslcert ipport=0.0.0.0:444 certhash=123443211234321123 appid="{ab34k32abkr3252jsnekgljw}"  Make sure to include the quotes around the appid.

5. Finally restart the server.

This is all it takes to correct the issue.  Apparently this glitch is specific to Exchange 2013 as a web based ECP doesn't exist in the earlier versions.

Simple fix to a real inconvenience.

Good luck!

6 comments:

Felix Nielsen said...

Thanks! this did it for me, I had the error after system updates

Anonymous said...

We upgraded our Exchange 2013 from SP1 to CU14 and had this issue on reboot. Your solution got it all working again. Thank you so very much!

Anonymous said...

Wow! Had this bite me tonight when I rebooted the Exchange server.
Thanks for your clear instructions!

Anonymous said...

SAVER!!!! My weekend saved. THANK YOU!!!!

Unknown said...

This happened to me after KB4073392. I actually just changed the cert on 444 on the exchange backend in IIS (it had no cert at all). As soon as i did that everything came back. I still put this method in my note in case it happens again and i can't get into IIS.

Unknown said...

I had this happen after KB4073392. I was able to open IIS, so i was able to check 444 on exchange backend. It had no cert at all. I changed it to the proper cert and everything came back. I put this method in my notes just in case it happens again and i can't get into IIS.