RE: netsh error - 1312

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Logging on as a domain admin rather than just a local admin seems to get
around this problem. Restricting netsh to domain admins does not seem like
what is needed. In the case I have here that means that I need a Domain admin
to log on to each workstation just to install the ssl certificate. This is
going to be a real problem with the workstation support people!
--
Scott Norberg


""Steven Cheng"" wrote:

Thanks for your reply Scott,

As for the "1312" and "... logon session not exists" error, they're very
general error (also occurs in other remote accessing context), therefore,
and I've also performed some research based on this error message(with ssl
certificate context), but didn't find any useful records.

I think the problem is still with the certificate. For creating the
certificate, if you have IIS installed, you can try using IIS's ssl
certificate request wizard to generate a SSL certificate creation request.
Then, you can use that generated request to create a certificate from your
windows certificate server.

#How do I¡­ Request and install SSL certificates in IIS 7.0?
http://blogs.techrepublic.com.com/howdoi/?p=159

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@xxxxxxxxxxxxxx

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/en-us/subscriptions/aa948868.aspx#notifications.


--------------------
From: =?Utf-8?B?U2NvdHQ=?= <snorberg@xxxxxxxxxxxxxxxxx>
References: <0CE27FBE-2C02-48B0-BA97-6405EEE4BF95@xxxxxxxxxxxxx>
<wF7Dy7uSJHA.6088@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: netsh error - 1312
Date: Thu, 20 Nov 2008 06:54:04 -0800


Steven,

I had previously read that thread and ignored it because the options given
in the example did not match what was given from the makecert /? response.
The example uses both -sky and -r which are not shown.

I am using elevated privilege in my command box.

Running the example from the article I was able to create the certificate
and run the netsh command.

I still would like to know what the 1312 really indicates, And I still need
to know how to create a certificate from my enterprise certsvr for this
purpose.

I have found that these things always seem to work when you use makecert
but
I can then never recreate a certificate from the cert server that does the
same thing. There must be an article (not a book) that tells how to do
that,
any suggestions?
--
Scott Norberg


""Steven Cheng"" wrote:

Hi Scott,

From your description, you're trying to use HTTPS/SSL for a self hosted
WCF
service. However, you're encountering the following error when registring
the SSL certifictae for the https port, correct?

===============
SSL Certificate add failed, Error: 1312
A specified logon session does not exist. It may already have been
terminated.
=============

I've just performed a local test, including test cert creating, ssl port
registering and WCF service host and running. For certificate creation
and
ssl port registring, I followed this thread:


http://social.msdn.microsoft.com/forums/en-US/wcf/thread/a6423cfc-5b11-4900-
b9bb-e7f4fac940c4/

There are two things you may have a further check:

1. When run the netsh command to register sslcert, have you used elevated
token(to start the commandline prompt)? This is necessary, otherwise ,the
normal permission is not sufficient.

2. My test use a test cert generated via "makecert.exe" (as mentioned in
the above thread). You can also try using a makecert generated cert to
see
whether it works. If so, that means the problem is specific to
certificate.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you.
Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@xxxxxxxxxxxxxx

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/en-us/subscriptions/aa948868.aspx#notifications.

Note: MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 2 business day is acceptable. Please note that each
follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions. Issues of
this
nature are best handled working with a dedicated Microsoft Support
Engineer
by contacting Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/en-us/subscriptions/aa948874.aspx
==================================================
This posting is provided "AS IS" with no warranties, and confers no
rights.



--------------------
From: =?Utf-8?B?U2NvdHQ=?= <snorberg@xxxxxxxxxxxxxxxxx>
Subject: netsh error - 1312
Date: Wed, 19 Nov 2008 15:19:00 -0800


I have seen numerous posts, both here and google, where people are having
this issue, but I have yet to see an explanation of the problem.

I have a WCF service that is working fine using http. But now we need to
upgrade it to use SSL. To do this we need to install and register a
server
certificate.

I got a certificate (Web Server) from our enterprise cert server.
Exported
it as a cer file and installed it on my development machine (Vista 64
ultimate, vs2008).

running netsh

netsh>http add sslcert ipport=0.0.0.0:5433
certhash=b6306171c7f42d54b59fd8c47d07d260b336e199 clientc
ertnegotiation=enable appid={e0456eb3-e143-4092-9f84-7527136625cd}

SSL Certificate add failed, Error: 1312
A specified logon session does not exist. It may already have been
terminated.

where certhash is the thumbprint from the certificate and the appid is
the
guid from the assemblyinfo.cs file on the server project.

What does 1312 indicate?
--
Scott Norberg


.

Relevant Pages

  • Re: Use a private key file generated from Linux for digital signature in .NET
    ... you might want to use certificate support ... >> private key and SSL certificate altogether. ... I will get a new SSL certificate using the keys ...
    (microsoft.public.platformsdk.security)
  • Re: Use a private key file generated from Linux for digital signature in .NET
    ... you might want to use certificate support ... >> private key and SSL certificate altogether. ... I will get a new SSL certificate using the keys ...
    (microsoft.public.dotnet.security)
  • Re: SBS2003 R2 Exchange issue
    ... SBS server, when you expand Public Folders, you get error: SSL certificate ... Restart Exchange System Manager. ...
    (microsoft.public.windows.server.sbs)
  • RE: netsh error - 1312
    ... \par SSL Certificate add failed, ... \par I've just performed a local test, including test cert creating, ssl port registering and WCF service host and running. ... For certificate creation and ssl port registring, ...
    (microsoft.public.dotnet.framework.webservices)
  • RE: Healthcare Standards and Regulations
    ... SOFTWARE SECURITY ENGINEER ... an SSL certificate. ... Certificate on your Apache web server. ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)