After Windows 2019 CU KB5012647, enabling IIS automatic rebind of renewed certificates gets an error


Hello everyone,

after installing the KB5012647 cumulative update on a Windows Server 2019 it seems no longer possible to enable the IIS function "automatic rebind of renewed certificates". I get this error:


Error occurred when trying to register automatic rebinding of certificate.

Details: The process creation has been blocked

Any hint?

Thank you

Riccardo

5 Replies

@sarchio69 we are experiencing the same issue. Did you find if there was a workaround?

Sharing two solutions:
1. Open a cmd with admin privileges, run an MMC, and add the IIS console. Try the same to enable IIS certificate auto-renew. It works for me.
2. The IIS certificate auto-renew is a scheduled task under 'Task scheduler-Microsoft-Windows-CertificateServiceClient'. You can create the scheduled task manually.

The fix for this issue for WS2019 was released in the November 2022 patch Tuesday release (EDIT: and the fix for WS2022 was released in the October 2022 cycle - the same KIR stuff that follows has to be applied on both as of this writing); however, the fix is behind KIR (Known Issue Rollback) and has to be enabled via Group Policy. In a few months the KIR will be removed and the fix will be enabled by default afterwards.

To enable the fix, you will need to download and install a Group Policy from
https://download.microsoft.com/download/0/4/1/0413f07f-a428-4316-9673-2327c328dc34/Windows%2010%2018....

The below article has information on enabling the GP after it's installed:
https://learn.microsoft.com/en-us/troubleshoot/windows-client/group-policy/use-group-policy-to-deplo...

I have this issue today and it wasn't helped by the KIR.

I've not heard of any others experiencing the issue after applying the KIR post-patch. Make sure you go through the process again to ensure it's applied correctly. Also, I'm not sure when, but I'm sure it will be auto-applied soon.