You cannot browse to an SSL-secured Office SharePoint Server 2007 site or to the Search Settings page for a Shared Services Provider

Article translations Article translations
Article ID: 962928 - View products that this article applies to.
Expand all | Collapse all

Symptoms

You cannot browse a Secure Sockets Layer (SSL)-secured Microsoft Office SharePoint Server 2007 site or to the Search Settings page for a Shared Services Provider (SSP).

Additionally, you receive an error message that resembles the following the Application log on the server in the server farm that is running Office SharePoint Server 2007:

Note This error is logged every minute.

Event Type: Error
Event Source: Office SharePoint Server
Event Category: Office Server Shared Services
Event ID: 6482
Date: DD/MM/YYYY
Time: hh:mm:ss
User: N/A
Computer: Server Name
Description:
Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance (GUID).
Reason: The underlying connection was closed: An unexpected error occurred on a send.
Technical Support Details:
System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Authentication failed because the remote party has closed the transport stream.
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at Microsoft.Office.Server.Search.Administration.SearchApi.RunOnServer[T](CodeToRun`1 remoteCode, CodeToRun`1 localCode, Boolean useCurrentSecurityContext, Int32 versionIn)
at Microsoft.Office.Server.Search.Administration.SearchApi..ctor(WellKnownSearchCatalogs catalog, SearchSharedApplication application)
at Microsoft.Office.Server.Search.Administration.SearchServiceInstance.Synchronize()
at Microsoft.Office.Server.Administration.ApplicationServerJob.ProvisionLocalSharedServiceInstances(Boolean)

Cause

This issue occurs when the following conditions are true:
  • The server that is running Office SharePoint Server 2007 has the query role in a server farm.
  • The server farm was updated with Microsoft .NET Framework 3.5 Service Pack 1 (SP1).
  • The roles of the query server and the index server are not on the same server in the server farm.
This causes the self-issued certificate that is used by the Office Server Web Services to become corrupted.

Resolution

To resolve this issue, follow these steps:
  1. Stop the Office SharePoint Services Search service. To do this, follow these steps:
    1. Click Start, click Run, type cmd , and then click OK.
    2. At the command prompt, type net stop osearch, and then press ENTER.
    3. Type exit to exit the command prompt.
  2. Download and install the IIS 6.0 Resource Kit Tools. To obtain the IIS 6.0 Resource Kit Tools, visit the following Microsoft Web site:
    http://www.microsoft.com/downloads/details.aspx?familyid=56FC92EE-A71A-4C73-B628-ADE629C89499
  3. On each server in the farm that has Office SharePoint 2007 installed, follow these steps:
    1. Click Start, click Run, type cmd , and then click OK.
    2. Navigate to the location of the IIS 6.0 Resource Kit Tools (default location is: C:\Program Files\IIS Resources\SelfSSL)
    3. At the command prompt, type selfssl /s:951338967 /v:1000, and then press ENTER.

      Notes
      • For 64 bit Server, 951338967 is the default ID of the Office Server Web Services certificate.
      • For 32 bit Server, 1720207907 is the default ID of the Office Server Web Services certificate. You can check the ID of Office Server Web Services from IIS.
      • 1000 is the number of days that the certification will be valid.
      • You need to execute the selfssl command on each MOSS Server in the farm which is running a "Office Server Web Services" site.
      • SharePoint partly uses SSL name resolution in the background between farm servers, which users generally do not need to be aware of.
  4. Start the Office SharePoint Services Search service. To do this, follow these steps:
    1. At the command prompt, type net start osearch, and then press ENTER.
    2. Type exit to exit the command prompt.
  5. Download and install the following update to the .NET Framework 3.5 SP1. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
    959209 An update for the .NET Framework 3.5 Service Pack 1 is available

Status

Microsoft has confirmed that this is a bug in the Microsoft products that are listed in the "Applies to" section.

More information

For more information about the issues that are associated with the .NET Framework 3.5 Service Pack 1 after you upgrade from the .NET Framework 3.0 Service Pack 1, click the following article number to view the article in the Microsoft Knowledge Base:
958484 List of the breaking issues with the .NET Framework 3.0 Service Pack 1 after you upgrade to the .NET Framework 3.5 Service Pack 1

Properties

Article ID: 962928 - Last Review: July 12, 2013 - Revision: 4.1
Applies to
  • Microsoft Office SharePoint Server 2007
  • Microsoft .NET Framework 3.5 Service Pack 1
Keywords: 
kbdigitalcertificates kbssl kberrmsg kbexpertiseinter kbsurveynew kbprb KB962928

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com