Lansweeper has some great instructions for adding a SSL certificate to their IIS server. I added a SSL certificate to the lansweeper server 11 months ago, and now it was time to update the certificate. I logged into my digicert account and downloaded a pkcs 7 certificate to install into lansweeper. I installed the cert to Certificates -> Personal -> Certificates.
and following Lansweeper's instructions also updating the iisexpressSvc.exe.config and restarting the service. To my surprise I got the following error.
Being unable to bypass the error I discovered that putting the old certificate's thumbprint back into place or setting "UseCustomSSLCertificate" to 0 you would be able to access lansweeper again.
<add key="UseCustomSSLCertificate" value="0"/>
<add key="CertificateThumbPrint" value="$TLSThumbprint"/>
The error logs were not really helpful either; showing just a binding error.
--------------------------------------Error Logs----------------------------------
me: 22-04-2021 12:06:50 - Result: ADD Custom URL - Port: 443
Time: 22-04-2021 12:06:50 - Result: Error Performing Commands. System.ComponentModel.Win32Exception (0x80004005): A specified logon session does not exist. It may already have been terminated at SslCertBinding.Net.HttpApi.ThrowWin32ExceptionIfError(UInt32 retVal) at SslCertBinding.Net.CertificateBindingConfiguration.<>c__DisplayClass1_0.<Bind>b__0() at SslCertBinding.Net.HttpApi.CallHttpApi(Action body) at SslCertBinding.Net.CertificateBindingConfiguration.Bind(CertificateBinding binding) at IISExpressSvc.ServiceStart.PerformCommands(String thumbPrint, Boolean isCustom, Boolean debug)
Time: 22-04-2021 12:07:04 - Result: === Stop ===
Time: 22-04-2021 12:07:29 - Result: === Start ===
Time: 22-04-2021 12:07:29 - Result: ADD Custom URL - Port: 443
Time: 22-04-2021 12:07:29 - Result: Error Performing Commands. System.ComponentModel.Win32Exception (0x80004005): A specified logon session does not exist. It may already have been terminated at SslCertBinding.Net.HttpApi.ThrowWin32ExceptionIfError(UInt32 retVal) at SslCertBinding.Net.CertificateBindingConfiguration.<>c__DisplayClass1_0.<Bind>b__0() at SslCertBinding.Net.HttpApi.CallHttpApi(Action body) at SslCertBinding.Net.CertificateBindingConfiguration.Bind(CertificateBinding binding) at IISExpressSvc.ServiceStart.PerformCommands(String thumbPrint, Boolean isCustom, Boolean debug)
Time: 22-04-2021 12:07:40 - Result: === Stop ===
Time: 22-04-2021 12:08:03 - Result: === Start ===
Time: 22-04-2021 12:08:03 - Result: ADD Custom URL - Port: 443
Time: 22-04-2021 12:08:03 - Result: ADD Custom SSL - Port: 443
Time: 22-04-2021 12:21:09 - Result: === Stop ===
Time: 22-04-2021 12:21:29 - Result: === Start ===
Time: 22-04-2021 12:21:29 - Result: ADD Custom URL - Port: 443
Time: 22-04-2021 12:21:29 - Result: Error Performing Commands. System.ComponentModel.Win32Exception (0x80004005): A specified logon session does not exist. It may already have been terminated at SslCertBinding.Net.HttpApi.ThrowWin32ExceptionIfError(UInt32 retVal) at SslCertBinding.Net.CertificateBindingConfiguration.<>c__DisplayClass1_0.<Bind>b__0() at SslCertBinding.Net.HttpApi.CallHttpApi(Action body) at SslCertBinding.Net.CertificateBindingConfiguration.Bind(CertificateBinding binding) at IISExpressSvc.ServiceStart.PerformCommands(String thumbPrint, Boolean isCustom, Boolean debug)
Time: 22-04-2021 12:21:53 - Result: === Stop ===
Doing some checks on Lansweeper's website I came across the same error on the forums. PR_CONNECT_RESET_ERROR when trying to connect via HTTPS - Followed the instructions. Why is my result bad?
After trying the notepad instructions, and it failing spectacularly, I researched the error "A specified logon session does not exist. It may already have been terminated."
On techraptor.net I found this post https://techraptor.net/guides/how-to-fix-iis-server-error-specified-logon-session-does-not-exist stating that the certificate had to be reimported, following this procedure:Run MMC
Here’s how to fix:
Open up certificates in MMC
Step 1: Open up a Run window and type “mmc”
Step 2: Click File > Add/Remove Snap In
Step 3: Add > Certificates, Click OK
Step 4: Choose “Computer Account”, then “Local Computer” and proceed.
Step 5: Hit OK
Export Certificate in MMC
Step 1: Open “Certificates”
Step 2: Open the folder where your certificate is stored.
Step 3: Right Click on Certificate, All Tasks, Export
Step 4: Export to the server Desktop
Now you should be able to re-import your certificate into IIS (or just into MMC) without issue. Restart IIS, and Note: You may have to reimport as “Complete certificate renewal” depending on your certificate. This did not fix the certificate issue.
