Exchange 2016 – EVENT ID 15021 – Blank ECP / OWA & Error connecting to Outlook

If you have been following my blog, I recently migrated my Exchange 2010 server to a new 2016 server. There have been a few hiccups along the way; however, for the most part the experience has been good and user disruption minimal, until I encountered Event ID 15021.

Last night during a maintenance window I applied my Microsoft updates and rebooted the server. Shortly after reboot I attempted to open Outlook and it failed with a server unavailable error. OWA and ECP both showed BLANK white screens. I began to panic a little because this is probably the IT guy's worst nightmare! Having worked in the industry for over 20 years, I put my panic aside and began my standard troubleshooting procedure.

STEP 1 – Event logs are your friend

Immediately opening the System log, I found hundreds of Event ID 15021 entries, over and over, about one per second.

Launching my browser, a quick Google search led me to believe there was an issue with the SSL certificate I applied to the server a few weeks before. I attempted to reassign the SSL cert in IIS Manager and then ran an IISRESET, but it didn't help.

STEP 2 – Ask Google for help – Event ID 15021

Finally I found Adam1115's blog and read this short article, which pertained to Exchange 2013: (LINK)

You have an Exchange 2013, after some unknown event nobody can get to OWA or ECP (or any other IIS based resource including Outlook). Instead, users get a login screen then a blank page. In the system event log, you see hundreds of ID 15021 on the source HttpEvent that say “An error occurred while using SSL configuration for endpoint 0.0.0.0:444. The error status code is contained within the returned data.”

  • – Open the Command Prompt
  • – Run:

netsh http show sslcert

  • – This will show the certs; copy and paste this information into Notepad. Under IP:port : 127.0.0.1:443, note the certificate hash and application ID.
  • – Run this command. (Yes, I know there is no :444 listed in the output from the earlier command.)

netsh http delete sslcert ipport=0.0.0.0:444

  • – Run this command. Replace certhash with the certificate hash and appid with the application ID you saved in Notepad.

netsh http add sslcert ipport=0.0.0.0:444 certhash=123123123123123 appid="{123123123123-1231231235}"

  • – Reboot the server.

After following the above instructions the server rebooted and all services were accessible again; however, the system switched back to the self-signed certificate. I went back to the server ECP and assigned the 3rd party SSL to IIS and all was once again well with the world!
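
An added example, not part of the original post or of Adam1115's article: a PowerShell script that parses the `netsh http show sslcert` output, reads the hash and application ID of the 127.0.0.1:443 binding, checks each bound hash against the machine certificate store, and prints (without running) the two rebind commands from the steps above. It assumes English-language netsh output; the function name `ConvertFrom-NetshSslCert` and the `-Live` switch are hypothetical, and the sample text, hash and application ID are constructed placeholders.

```powershell
# Added example (not from the original post). Default run parses the constructed
# sample below; -Live parses the server's real `netsh http show sslcert` output.
param([switch]$Live)

# Constructed, trimmed sample output; hashes and application ID are made up.
$sample = @'
SSL Certificate bindings:
-------------------------

    IP:port                      : 127.0.0.1:443
    Certificate Hash             : 00112233445566778899aabbccddeeff00112233
    Application ID               : {00000000-1111-2222-3333-444444444444}

    IP:port                      : 0.0.0.0:443
    Certificate Hash             : ffeeddccbbaa99887766554433221100ffeeddcc
    Application ID               : {00000000-1111-2222-3333-444444444444}
'@ -split "`r?`n"

# Turn the "Name : Value" blocks into one object per binding.
function ConvertFrom-NetshSslCert([string[]]$Lines) {
    $binding = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*IP:port\s*:\s*(\S+)') {
            if ($binding) { [pscustomobject]$binding }   # emit the previous block
            $binding = [ordered]@{ IpPort = $Matches[1]; Hash = $null; AppId = $null }
        } elseif ($binding -and $line -match '^\s*Certificate Hash\s*:\s*([0-9A-Fa-f]+)') {
            $binding.Hash = $Matches[1].ToUpper()
        } elseif ($binding -and $line -match '^\s*Application ID\s*:\s*(\{[^}]+\})') {
            $binding.AppId = $Matches[1]
        }
    }
    if ($binding) { [pscustomobject]$binding }           # emit the last block
}

$lines = if ($Live) { netsh http show sslcert } else { $sample }
$all   = @(ConvertFrom-NetshSslCert $lines)
$src   = $all | Where-Object IpPort -eq '127.0.0.1:443'
if (-not $src) { throw 'No 127.0.0.1:443 binding found; nothing to copy from.' }

# A bound hash that is absent from LocalMachine\My is a certificate HTTP.sys cannot load.
foreach ($b in $all) {
    $found = $Live -and (Test-Path "Cert:\LocalMachine\My\$($b.Hash)")
    '{0,-16} {1} inStore={2}' -f $b.IpPort, $b.Hash, $(if ($Live) { $found } else { 'n/a (sample)' })
}

# Commands from the steps above, filled in from the 127.0.0.1:443 binding (printed only).
"netsh http delete sslcert ipport=0.0.0.0:444"
"netsh http add sslcert ipport=0.0.0.0:444 certhash=$($src.Hash) appid=`"$($src.AppId)`""
```

Run it with `-Live` on the server to read the real bindings; the two netsh lines are only printed, never executed.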

I thank Adam1115 for his original post on this matter, and I hope by re-posting this information I can help others.

Thank you for reading my blog,
-Joe

 
