Direct Access problem - HTTP 404 error since installing new certificate

Gloria Gu 3,891 Reputation points
2020-07-15T05:35:17.267+00:00

Hello all,

I have taken over at a school that uses Direct Access. The previous IT Manager used free 90 day certificates which expired on Direct Access stopping it working. I purchased a domain wildcard and (believe) I have installed it correctly. It was difficult for me as the server is running core edition so I had to import and bind with Powershell which I haven't done before.

As soon as I did the bind, I could see the certificate looked good where as before it was expired however on refresh, a not found http 404 error is shown instead of the usual IIS landing page.

I used an SSL Checker site which shows everything is ok with the certificate. I wonder if this is because I have gone form a specific certificate aquired for that address, i.e a certificate created for da.domain.org to a *.domain.org wildcard. Do I need to change some settings in Direct Access?

One thing I did also notice that may be relevant is that if I use MMC to connect to the personal certificate store of the server, I don't see my new certificate in there where as I can see the old ones. I imported to the personal 'MY' store.

Any help would be really appreciated.

Many Thanks

Thread source link: https://social.technet.microsoft.com/Forums/en-US/116b1601-e1c8-4806-9529-efba82986c7c/direct-access-problem-http-404-error-since-installing-new-certificate?forum=winserverNIS

Windows Server Infrastructure
Windows Server Infrastructure
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Infrastructure: A Microsoft solution area focused on providing organizations with a cloud solution that supports their real-world needs and meets evolving regulatory requirements.
515 questions
0 comments
Accepted answer
  1. Candy Luo 12,656 Reputation points Microsoft Vendor
    2020-07-16T01:42:06.987+00:00

    Hi ,

    Welcome to our new Microsoft Q&A Platform.

    According to the error code, please try to updates available kb2975719 and kb2975331 which address this issue, depending on the Operating System.

    Please refer the following link for more details:

    https://blogs.technet.microsoft.com/silvana/2014/03/14/schannel-errors-on-scom-agent/

    Please Note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    You can check some browsers might simply not support the required level of SSL/TLS configured on your server.

    Refer the following article for more information:

    https://learn.microsoft.com/zh-cn/archive/blogs/kaushal/ssltls-alert-protocol-the-alert-codes

    If the problem still unsolved, it is recommended to have this asked in AD forum for better answers.

    AD forum: https://social.technet.microsoft.com/Forums/en-US/home?forum=winserverDS

    About event ID:10016,these events can be safely ignored because they do not adversely affect functionality and are by design.

    Please refer the following link:

    https://support.microsoft.com/en-us/help/4022522/dcom-event-id-10016-is-logged-in-windows

    Best Regards,

    Candy

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest