SSL Certificate add failed, Error: 1312 A specified logon session does not exist. It may already have been terminated #621

Open
anil1890 opened this issue Jan 28, 2020 · 2 comments


anil1890 commented Jan 28, 2020

Getting error
"SSL Certificate add failed, Error: 1312 A specified logon session does not exist. It may already have been terminated"

windows_certificate "C:/tmp/cert/certpfx.pfx" do
  pfx_password "12345"
  user_store false
end
windows_certificate_binding 'Binding' do
  action :create
  name 'CN=www.demo.com'
  name_kind :subject
  store_name "MY"
  port 443
  address '0.0.0.0'
end

After googling, I found that this is not working because "Allow Export" is not set to true while importing the certificate.
I am able to install the same certificate manually with allow export set to true.

Please help how to resolve this.

Also, the same thing works fine using a PowerShell script:

powershell_script 'Cert_install' do
  code <<-EOH
    $securePWD = ConvertTo-SecureString "#{node.run_state['path_values']['certpwd']}" -AsPlainText -Force
    Import-PfxCertificate -FilePath "#{node['br_ics_ppi_app_app']['cert']}/pfx.txt" -CertStoreLocation cert:\\LocalMachine\\My -Password $securePWD
    Import-Certificate -FilePath "#{node['br_ics_ppi_app_app']['cert']}/certchain.txt" -CertStoreLocation Cert:\\LocalMachine\\CA
    Import-Certificate -FilePath "#{node['br_ics_ppi_app_app']['cert']}/certroot.txt" -CertStoreLocation Cert:\\LocalMachine\\Root
    & {iisreset}
  EOH
  notifies :run, 'powershell_script[add_cert_website]', :immediately
  not_if "[bool](dir cert:\\LocalMachine\\My | ? { $_.subject -like '*#{node.run_state['path_values']['r53privzone']}*'})"
end
powershell_script 'add_cert_website' do
  code <<-EOH
    $cert_name = "#{node.run_state['path_values']['r53privzone']}"
    $cert_name = "*" + $cert_name.Trimend('.') + "*"
    $ssl_web_site_name = "#{node['br_ics_ppi_app_app']['site_name']}"
    $hostname = "#{node.run_state['path_values']['r53privzone']}"
    $hostname = $cert_name.Trimend('.')
    $ssl_web_site_port = 443
    $guid_value = [GUID]::NewGUID().ToString('B')
    $cert_thumb = $null
    $cert_thumb = (Get-ChildItem cert:\\LocalMachine\\My | where-object { $_.Subject -like $cert_name } | Select-Object -First 1).Thumbprint
    # Load the IIS cmdlets before the first *-WebBinding call
    Import-Module WebAdministration
    Get-WebBinding -Port $ssl_web_site_port -Name "$ssl_web_site_name" | Remove-WebBinding
    New-WebBinding -Name "$ssl_web_site_name" -IP "*" -Port $ssl_web_site_port -Protocol https
    # Add the HTTP.sys certificate binding only if none exists for this ip:port
    netsh http show sslcert ipport=0.0.0.0:$ssl_web_site_port
    if ($LASTEXITCODE -eq 1) {
      netsh http add sslcert ipport=0.0.0.0:$ssl_web_site_port certhash=$cert_thumb appid=$guid_value
    }
    Stop-WebSite $ssl_web_site_name
    Start-WebSite $ssl_web_site_name
  EOH
  action :nothing
end

We use GitHub issues to track bugs and feature requests. If you need help please post to our Mailing List or join the Chef Community Slack.

Support issues opened here will be closed and redirected to Slack or Discourse.

@welcomebot

Hey There
It looks like this is the first issue you've filed against the chef-cookbooks project. I'm here to offer you a bit of extra help to make sure we can quickly get back to you.
Make sure you've filled out all the fields in our issue template. Make sure you've provided us with the version of chef-client you're running, your operating system and the version of the cookbook. If you're not using the most up to date version of the cookbook then please make sure to update first. Lots of things change between versions even if your issue isn't listed in the changelog. Finally please give us a detailed description of the issue you're having. The more we know about what you're trying to do, what actually happens, and how you can reproduce the problem, the better.

If you're looking for more immediate troubleshooting help make sure to check out #general on the Chef Community Slack. There's plenty of folks there willing to lend a helping hand. Thanks for the first issue. We hope we can get back to you soon with a solution.

@jchristn

Sorry to necro an old issue, but I put this together for someone that had the dreaded 1312 issue. TLDR, generate your CSR using OpenSSL, use that to get your cert, then use OpenSSL to merge in your private key and convert to PFX, then install the PFX file.

https://github.com/jchristn/WatsonWebserver/blob/master/Documentation/OpenSSLCertificates.md
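
The OpenSSL workflow summarized in the comment above, as an added sketch that is not taken from the linked document, the cookbook, or any participant in this thread. It checks that the certificate matches the private key before building the PFX and confirms the PFX carries that key afterwards. The file names, function names, the `PFX_PASS` environment variable, and the throwaway CA standing in for the real certificate authority are all assumptions.

```shell
#!/bin/sh
# Added example, not from the issue or the linked document.
# Assumptions: file names, function names, PFX_PASS and the throwaway CA are constructed.
set -eu
umask 077  # key material readable by the owner only

# True only when the private key and the certificate carry the same public key.
key_matches_cert() {
  k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
  c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
  [ -n "$k" ] && [ "$k" = "$c" ]
}

# True only when the PFX opens with $PFX_PASS and contains a private key.
pfx_has_private_key() {
  openssl pkcs12 -in "$1" -passin env:PFX_PASS -nocerts -nodes 2>/dev/null |
    grep -q 'PRIVATE KEY'
}

# build_pfx DIR CN: key + CSR, signed certificate, key check, then DIR/server.pfx.
build_pfx() {
  dir=$1 cn=$2
  : "${PFX_PASS:?export PFX_PASS before calling build_pfx}"
  # 1. Generate the private key and CSR with OpenSSL.
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$cn" \
    -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null || return 1
  # 2. Stand-in for the real CA: a one-day throwaway CA signs the CSR.
  openssl req -x509 -newkey rsa:2048 -nodes -subj "/CN=Constructed Test CA" -days 1 \
    -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null || return 1
  openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
    -CAcreateserial -days 1 -out "$dir/server.crt" 2>/dev/null || return 1
  # 3. Refuse to package a certificate that was issued for a different key.
  key_matches_cert "$dir/server.key" "$dir/server.crt" ||
    { echo "certificate does not match server.key" >&2; return 1; }
  # 4. Merge key, certificate and chain into the PFX; the password comes from
  #    the environment so it never appears in the process list.
  openssl pkcs12 -export -inkey "$dir/server.key" -in "$dir/server.crt" \
    -certfile "$dir/ca.crt" -out "$dir/server.pfx" -passout env:PFX_PASS || return 1
  # 5. Confirm the result before handing it to windows_certificate or Import-PfxCertificate.
  pfx_has_private_key "$dir/server.pfx"
}

# Usage: PFX_PASS=... sh make_pfx.sh OUTPUT_DIR www.demo.com
if [ "$#" -eq 2 ]; then
  build_pfx "$1" "$2" && echo "wrote $1/server.pfx (private key present)"
fi
```

`pfx_has_private_key` also returns false when the password is wrong, so a failure there means either a missing key or a bad `PFX_PASS`.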
