If you have been following my blog, I recently migrated my Exchange 2010 server to a new 2016 server. There have been a few hiccups along the way; however, for the most part the experience has been good and user disruption minimal, until I encountered Event ID 15021.
Last night during a maintenance window I applied my Microsoft updates and rebooted the server. Shortly after the reboot I attempted to open Outlook and it failed with a server unavailable error. OWA and ECP both showed BLANK white screens. I began to panic a little because this is probably the IT guy's worst nightmare! Working in the industry for over 20 years, I put my panic aside and began my standard troubleshooting procedure.
STEP 1 – Event logs are your friend
Immediately opening the System log, I found hundreds of Event ID 15021 entries, over and over, about one per second.
Launching my browser and a quick Google search led me to believe there was an issue with the SSL certificate I applied to the server a few weeks before. I attempted to reassign the SSL cert in IIS Manager and then ran an IISRESET, but it didn’t help.
STEP 2 – Ask Google for help – Event ID 15021
Finally, I found Adam1115’s blog and read this short article, which pertained to Exchange 2013: (LINK)
You have an Exchange 2013; after some unknown event, nobody can get to OWA or ECP (or any other IIS-based resource, including Outlook). Instead, users get a login screen, then a blank page. In the System event log, you see hundreds of ID 15021 events on the source HttpEvent that say “An error occurred while using SSL configuration for endpoint 0.0.0.0:444. The error status code is contained within the returned data.”
- Open the Command Prompt.
- Run:
netsh http show sslcert
- This will show the certs; copy and paste this information into Notepad. Under IP:port : 127.0.0.1:443, note the certificate hash and application ID.
- Run this command. (Yes, I know there is no :444 listed in the output from the earlier command.)
netsh http delete sslcert ipport=0.0.0.0:444
- Run this command. Replace certhash with the certificate hash and appid with the application ID you saved in Notepad.
netsh http add sslcert ipport=0.0.0.0:444 certhash=123123123123123 appid="{123123123123-1231231235}"
- Reboot the server.
After following the above instructions, the server rebooted and all services were accessible again; however, the system switched back to the self-signed certificate. I went back to the server ECP and assigned the 3rd-party SSL to IIS, and all was once again well with the world!
I thank Adam1115 for his original post on this matter, and I hope by re-posting this information I can help others.
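The quoted steps above, as an added PowerShell example (not from this post or from Adam1115's article): it parses English-language netsh http show sslcert output, reports whether 0.0.0.0:444 has a usable binding, and prints the delete and add commands with the hash and application ID from 127.0.0.1:443 filled in, without running them. The sample output and its values are constructed placeholders, and Get-SslBinding and Get-RebindPlan are hypothetical helper names.

```powershell
# Constructed sample of `netsh http show sslcert` output (placeholder values, no :444 entry).
$sample = @'
SSL Certificate bindings:
-------------------------

    IP:port                      : 127.0.0.1:443
    Certificate Hash             : 0123456789abcdef0123456789abcdef01234567
    Application ID               : {00000000-1111-2222-3333-444444444444}
    Certificate Store Name       : MY

    IP:port                      : 0.0.0.0:443
    Certificate Hash             : 0123456789abcdef0123456789abcdef01234567
    Application ID               : {00000000-1111-2222-3333-444444444444}
    Certificate Store Name       : MY
'@

function Get-SslBinding {            # emits one object per "IP:port" block
    param([string]$Text)
    $b = $null
    foreach ($line in $Text -split "`r?`n") {
        if ($line -match '^\s*IP:port\s*:\s*(\S+)') {
            if ($b) { $b }
            $b = [pscustomobject]@{ IpPort = $Matches[1]; CertHash = ''; AppId = '' }
        } elseif ($b -and $line -match '^\s*Certificate Hash\s*:\s*([0-9a-fA-F]+)') {
            $b.CertHash = $Matches[1]   # stays empty if netsh shows no hex hash
        } elseif ($b -and $line -match '^\s*Application ID\s*:\s*(\{[0-9a-fA-F-]+\})') {
            $b.AppId = $Matches[1]
        }
    }
    if ($b) { $b }
}

function Get-RebindPlan {            # prints commands for review; executes nothing
    param([object[]]$Bindings, [string]$Source = '127.0.0.1:443', [string]$Target = '0.0.0.0:444')
    $src = $Bindings | Where-Object { $_.IpPort -eq $Source } | Select-Object -First 1
    $dst = $Bindings | Where-Object { $_.IpPort -eq $Target } | Select-Object -First 1
    if (-not $src -or -not $src.CertHash -or -not $src.AppId) {
        throw "No usable $Source binding to copy the hash and application ID from."
    }
    if ($dst -and $dst.CertHash) { "$Target is bound to certificate hash $($dst.CertHash)" } else {
        "$Target has no usable binding (absent from output or empty hash)" }
    "netsh http delete sslcert ipport=$Target"
    "netsh http add sslcert ipport=$Target certhash=$($src.CertHash) appid=`"$($src.AppId)`""
}

# On the server: Get-RebindPlan (Get-SslBinding (netsh http show sslcert | Out-String))
Get-RebindPlan (Get-SslBinding $sample)
```

Before running the printed add command, confirm the hash matches a certificate in Cert:\LocalMachine\My that has its private key, and keep a copy of the original netsh output so the previous bindings can be restored.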
Thank you for reading my blog,
-Joe