After Windows 2019 CU KB5012647, enabling IIS automatic rebind of renewed certificates gets an error

Senior Member

Hello everyone,

after installing the KB5012647 cumulative update on a Windows Server 2019 it seems no longer possible to enable the IIS function "automatic rebind of renewed certificates". I get this error:

Error occurred when trying to register automatic rebinding of certificate.

Details: The process creation has been blocked


Screenshot 2022-06-20 013004.jpg


Any hint ?

Thank you


3 Replies

@sarchio69 we are experiencing the same issue. Did you find if there was a workaround?

Share two solutions,
1. Open a cmd with admin privileges, run an MMC, and add the IIS-Console Try the same to enable IIS certificate auto-renew. it works for me
2. The IIS certificate auto-renew is a scheduled task under 'Task scheduler-Microsoft-Windows-CertificateServiceClient'. You can create the scheduled task manually.

The fix for this issue for WS2019 was released in the November 2022 patch Tuesday release; however, the fix is behind KIR (Known Issue Rollback) and has to be enabled via Group Policy. In a few months the KIR will be removed and the fix will be enabled by default afterwards.

To enable the fix, you will need to download and install a Group Policy from

The below article has information on enabling the GP after it's installed: