locked
Unable to access WHS - organisation's certificate has been revoked. RRS feed

  • Question

  • I have been having continuing problems with WHS access from the Internet. It will work fine for a time, then suddenly I get a message that router port forwarding has failed. I have tried a different router but was unable to get it to work at all.

    I reconfigured everything from scratch, including reconfiguring the domain. Yesterday everything worked fine. This morning I have no access and get the message that “The organisation’s certificate has been revoked”.

    Can anyone give me a clue as to what is going on?

    Friday, May 14, 2010 10:54 AM

Answers

  • Hello Patrick, and thanks for the time to post the extended suggestions.

    It seems that everybody that has come up with a solution to this problem has done it in a different way, and I am no exception.

    First of all, I was the one who screwed things up in the first place. When I tried to turn remote access off and then back on again, I entered my domain name with initial capitals instead of all lower case. The result was two certificates and, I assume, the source of the problem.

    So, I went to the server with remote access, then control panel->admin tools->ISS manager.

    In the ISS dialogue box I opened up the {server name} ->Web sites ->WHS Site ->{Right click} ->properties ->Directory security ->server certificate ->remove current certificate (whew)

    Exit remote acces -> start WHS console from a client computer  ->remote access ->reconfigure ->release domain name.

    Then reconfigure, using the same domain name.

    Go back to the server ->reopen the ISS dialogue box. The new certificate was assigned to my default web site instead of the WHS site. Use the server certificate button again to export the certificate, switch to the WHS site, and use the server certificate button again to import the certificate to the right place.

    I'm not using the default ISS site, so I left the certificate there as well.

    At the moment at least, everything is working again. (Who knows what tomorrow will bring?)

    I think a new world record in obscurity has been set.

    I would appreciate prompt feedback if anyone has an "OMG now you have really created a mess for yourself" :-)

    • Marked as answer by Roger1244 Wednesday, June 9, 2010 12:58 PM
    Wednesday, June 9, 2010 12:58 PM

All replies

  • I have been having continuing problems with WHS access from the Internet. It will work fine for a time, then suddenly I get a message that router port forwarding has failed. I have tried a different router but was unable to get it to work at all.

    I reconfigured everything from scratch, including reconfiguring the domain. Yesterday everything worked fine. This morning I have no access and get the message that “The organisation’s certificate has been revoked”.

    Can anyone give me a clue as to what is going on?

    Is this for a xxxxxx.homeserver.com domain (or a different domain)?  If the former, I get that when switching between WHS v1 and Vail.  You might try completely disabling RA, rebooting the server, then enabling it again.
    Sunday, May 16, 2010 5:37 PM
    Moderator
  • Yes, it is an xxx.homeserver.com domain.

    I don't know what v1 and Vail refer to, but disabling RA, rebooting the server, then re-enabling RA did not change anything - I still get "The organisation's certificate has been revoked."

    If it helps:

    • I can successfully ping my server by both its IP address and its domain name
    • I can successfully start the WHS home page with both http://xxx.HomeServer.com/home and http://IP Address/home
    • I get the certificate revoked block with both https://xxx.HomeServer.com/remote and
      https://IP Address/home
    • WHS console, RA page reports that RA is available; refreshing the details of the domain name gives all green check marks.
    Thanks for your help, looking forward to your next suggestion.
    Tuesday, May 18, 2010 6:36 PM
  • Is your server clock set years in the past/future?

     


    --
    Wednesday, May 19, 2010 10:43 AM
  • Server clock is set to the correct date and time.
    Wednesday, May 19, 2010 7:04 PM
  • It is a bit frustrating that no one seems to have any idea what is going on.

    I discovered yesterday that at least some computers are able to log on with https:// etc without getting the certificate revoked message. I tried de-installing and re-installing the WHS connector on my computer, but that didn't change anything.

    What is the next step if I can't get any answer here?

    Monday, June 7, 2010 10:41 AM
  • On 6/7/2010 5:41 AM, Roger1244 wrote:
    > It is a bit frustrating that no one seems to have any idea what is going on.
    >
    > I discovered yesterday that at least some computers /are/ able to log on
    > with https:// etc without getting the certificate revoked message. I
    > tried de-installing and re-installing the WHS connector on my computer,
    > but that didn't change anything.
    >
    > What is the next step if I can't get any answer here?
    >
     
    Hello Roger,
     
    I found this thread on the WeGotServed forum which may have some good
    ideas to try
     
    The first idea is to create a new domain name for your server, and see
    if that fixes the issue. The second is to delete any certificates that
    you have for your server's domain (I'm not sure if this was done in the
    client or on the server) and re-run the remote setup to generate a new
    certificate.
     
    You may want to post something over there as well, just to see if
    someone has a solution. If you get a solution from there, please reply
    here with it as well (so that people can find the answer in the future).
     
    Hope this helps, and have a great day:)
    Patrick.
     
    --
    Smile... Someone out there cares deeply for you.
    Have you updated your OS and Antivirus today?
     

    Smile.. Someone out there cares deeply for you.
    Monday, June 7, 2010 4:39 PM
  • Hello Patrick, and thanks for the time to post the extended suggestions.

    It seems that everybody that has come up with a solution to this problem has done it in a different way, and I am no exception.

    First of all, I was the one who screwed things up in the first place. When I tried to turn remote access off and then back on again, I entered my domain name with initial capitals instead of all lower case. The result was two certificates and, I assume, the source of the problem.

    So, I went to the server with remote access, then control panel->admin tools->ISS manager.

    In the ISS dialogue box I opened up the {server name} ->Web sites ->WHS Site ->{Right click} ->properties ->Directory security ->server certificate ->remove current certificate (whew)

    Exit remote acces -> start WHS console from a client computer  ->remote access ->reconfigure ->release domain name.

    Then reconfigure, using the same domain name.

    Go back to the server ->reopen the ISS dialogue box. The new certificate was assigned to my default web site instead of the WHS site. Use the server certificate button again to export the certificate, switch to the WHS site, and use the server certificate button again to import the certificate to the right place.

    I'm not using the default ISS site, so I left the certificate there as well.

    At the moment at least, everything is working again. (Who knows what tomorrow will bring?)

    I think a new world record in obscurity has been set.

    I would appreciate prompt feedback if anyone has an "OMG now you have really created a mess for yourself" :-)

    • Marked as answer by Roger1244 Wednesday, June 9, 2010 12:58 PM
    Wednesday, June 9, 2010 12:58 PM