wansec

the layer 8 chronicles

Odd Exchange error

by · May 6, 2023

Exchange returning HTTP ERROR 400

Have you experienced Exchange returning HTTP ERROR 400 and Event ID 15021? Well, I did, I came across an error on my Exchange servers returning event ID 15021 that started to return ERROR 400 after a reboot and it wasn’t trivial and obvious at first. By checking the logs, I quickly saw a number of events logged as event ID 15021 with the error message “An error occurred while using SSL configuration for endpoint 0.0.0.0:444. The error status code is contained within the returned data.” – this is not the first time we speak about Exchange server on the wansec blog.

The message is not incredibly meaningful, but it says SSL and it mentions that it affects the service binding on port 0.0.0.0:444. It’s a know fact that Exchange backend servers listen on port 81 and 444, so I went on to see if the service was healthy and tried to connect to the port 444 locally on one of the Exchange server. It did not work and returned and “HTTP ERROR 503”.

While it is not obvious, I quickly launched the IIS console and figured out that the backend server had no certificate available.

The fix for HTTP Error 400

The good news is that there is a relatively straightforward solution to this problem. The solution involves going into IIS and re-assigning the certificate from the list to Exchange.

Here are the steps to follow to do this:

  • Open the Internet Information Services (IIS) Manager
  • Navigate to the server hostname (redacted in my below screenshot)
  • Expand the “Sites” folder to display the “Exchange Back End”
  • Right click on the “Exchange Back End” and click “Edit Bindings…”
  • Select the line with type “https” listening on port 444 and click “Edit…”
  • In the lower section “SSL certificate” you will probably have “Not selected” in the dropdown list (or a fauly one)
  • Click the “Select…” button and pick the right certificate
  • Once you have select the right certificate, you can click on “View…” to verify it’s the right certificate
  • Go ahead and give is an “iisreset” to make sure it’s now healthy
  • Hoorah, if all went well you are back in business!

Screenshots to fix the Event 15021

A few screenshots can be helpful, and here are some for the above case.

The error message in the Event viewer
The view in IIS Manager
The place where you select and pick the SSL certificate
You can see no certificate is assigned to Exchange

Conclusion

In conclusion, troubleshooting Exchange server errors can be challenging, but by understanding common error messages and being familiar with the underlying infrastructure, you can successfully resolve many issues. Hopefully, the information presented here will be helpful to some of you in troubleshooting Exchange server errors.

Tags:

Gregory

Gregory

I'm Gregory from Switzerland, and this is a running log of thoughts, findings, and lessons learned over more than 20 years in IT. With a deep passion for networks and security, I focus on architecture, governance, and emerging technologies. My journey has taken me through complex challenges and continuous learning across various sectors. While this space mainly serves as my personal knowledge base, I hope that sharing these notes might also offer insights or inspiration to others navigating the ever-evolving digital landscape.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

33 − 27 =