IIS horror story 

During preparation for a work presentation for a complex project (designing transport level secure, distributed, endpoint independent web services) I needed to install some benign certificates to an IIS 6 machine. All hell broke lose when I did it and (production) machine failed completely. IIS Admin service would not start, UDDI Services went down, nothing worked.

After numerous hours of trying to fix at least IIS I got an idea of what was wrong.

Apperently the MachineKeys folder, which holds machine account private keys was screwed. No matter how hard I tried reinstalling IIS nothing worked. The solution was in manually deleting MachineKeys folder, encrypting it and setting appropriate permission set.

So, if you are ever in a situation where IIS Admin service would not start causing one of the following errors and you suspect MachineKeys is the reason for it, consider the steps below:

  • The system cannot find the file specified.
  • The handle is invalid.
  • Not enough storage is available to process this command.

Try this:

  • Uninstall IIS
  • Backup files in MachineKeys folder (c:\documents and settings\all users\application data\microsoft\crypto\rsa\machinekeys)
  • Delete MachineKeys folder
  • Create new MachineKeys folder
  • Assign Administrators group, SYSTEM account full permissions
  • ENCRYPT THE DAMN FOLDER (Properties, Encryption)
  • Copy keys if necessary
  • Reinstall IIS

Good luck.

Categories:  Personal | Web Services
Tuesday, March 2, 2004 9:59:25 PM (Central Europe Standard Time, UTC+01:00)  #    Comments


Copyright © 2003-2024 , Matevž Gačnik
Recent Posts
RSS: Atom:

The opinions expressed herein are my own personal opinions and do not represent my company's view in any way.

My views often change.

This blog is just a collection of bytes.

Copyright © 2003-2024
Matevž Gačnik

Send mail to the author(s) E-mail