Hi,

I would like to configure the reporting web to use https: via 443 port but it just cannot bind and not success...

Where I can check the error or please further advice ...

Thanks

Microsoft.ReportingServices.WmiProvider.WMIProviderException: The SSL certificate is not trusted.

 ---> System.Runtime.InteropServices.COMException (0x80040241): TabletPC inking error code. The property was not found, or supported by the recognizer (Exception from HRESULT: 0x80040241)
   --- End of inner exception stack trace ---
   at Microsoft.ReportingServices.WmiProvider.RSWmiAdmin.ThrowOnError(ManagementBaseObject mo)
   at Microsoft.ReportingServices.WmiProvider.RSWmiAdmin.CreateSSLCertificateBinding(String application, String certificateHash, String ipAddress, Int32 port)
   at ReportServicesConfigUI.WMIProvider.RSReportServerAdmin.CreateSSLCertificateBinding(UrlApplication app, String certificateHash, String ipAddress, Int32 port)

Would it be the cure ??

https://social.msdn.microsoft.com/Forums/sqlserver/en-US/0270b4d8-0055-45e1-99e7-ec5f06048191/having-issue-with-configuring-ssl-for-sql-reporting-services-on-azure-vm-the-ssl-certificate-is?forum=WAVirtualMachinesforWindows

However, I cannot select the imported cert from IIS site binding interface ...

Hi,

Would I wrongly put it in the first place.. ?

Everything looks ok... However, I import my certificates into the "Personal" folder running the certificate mmc as the local computer.  I would follow these directions, minus the whole repairing the certificate step...

https://support.microsoft.com/kb/889651/en-us?wa=wsignin1.0

Some other things to consider...

Here's another article to look at regarding whether an old certificate is bound...

http://thinknook.com/ssrs-ssl-certificate-nightmare-2011-06-28/

See the note at the end of this article regarding if you have ever had a cert bound to ssrs before...

https://msdn.microsoft.com/en-us/library/ms188133.aspx

Hi,

After I moved the two certs to the Trusted store, it still cannot get the good result but the error messages is different now.. Could you please further advise ...

Thanks

Hi kkcci88888,

Based on my understanding, you want to configure an report server URL as https:// with 443 port. After you move certificates to the trusted certificates, then you get a WinProviderException now.

In Reporting Services, when configuring a report server URL, we should issue a certificate and enroll it on report server. In your scenario, I would like to know have you created a self-signed certificate in IIS manager. If that is a case, based on my test, the certificate will display on the Trusted Root Certification Authorities tab when opening certmgr.msc. In your scenario, you should change the report server URL back to the original one in RSCM, then configure the SSL identities for report server again. About creating a report server URL as https://, please refer to this article:  A step-by-step example of configuring a reporting services point for HTTPS in System Center 2012 Configuration Manager.

If you have any question, please feel free to ask.

Best regards,
Qiu

Hi

NO, as my project is working for a department inside HK Government and I have make a CSR from IIS8 and use their returned .P7B file using the certmgr (I selected Computer and import the certs)

The updated error message is now ..... 

An unknown error has occurred in the WMI Provider. Error Code 80070520 > System.Runtime.InteropServices.COMException (0x80070520): A specified logon session does not exist. It may already have been terminated. (Exception from HRESULT: 0x80070520)

Hi, 

I tried but it just cannot allow me to create the https:// 

then configure the SSL identities for report server again. About creating a report server URL as https://, please refer to this article:  A step-by-step example of configuring a reporting services point for HTTPS in System Center 2012 Configuration Manager.

I would try out the link you provided tomorrow... 

Thanks

Hi,

Another finding although it is not related to SQL but I have experience to renew my Exchange 2007 cert and it also not needs to go through the IIS except we use it to make a CSR

1. Generate a CSR from 2007 server (save as .txt)
2. Submit to Cert Authority
3. Returned the .CER and save it to \\ABC\C$
4. Issue the below command Get-exchangecertificate / Import-ExchangeCertificate / Enable-ExchangeCertificate Exchange powershell command

Would it be any SQL reporting power shell stuff can do the same... ?!

Thanks in advance ...

Hi,

Thanks for your information.

However, I also noticed that the SQL reporting server always hardcoded the URL as http://mycomputername/sqlexpress... but the DNS of this server is mycompany.com.hk so the URL should read http://mycompany.com.hk/sqlexpress is that also a problem it cannot registered the 443 as the cert's name is mycompany.com.hk instead of mycomputername ...

Thanks

Qiuyun

Would I did the wrong thing in the first place that I using the IIS to generate a CSR ?

Step 1: Issuing a Certificate and Enrolling it on Report Server

We need a certificate (with Server OID or Web Server Certificate) on our Report Server. The Subject Name of the Certificate should be the FQDN of Report Server as the URLs will be created using the same name. You can ask your PKI expert to provide you with this certificate on the Report Server or you can refer to the article below for information on creating, issuing and requesting the certificate.

Configure the Web Server certificate template: http://technet.microsoft.com/en-us/library/ee649187(v=WS.10).aspx

Request a Certificate: http://technet.microsoft.com/en-us/library/cc730689.aspx

To verify certificate enrollment, check the Personal Store of your Report Server and verify with the Template Name you provided initially while issuing the certificate.

Hi

NO, as my project is working for a department inside HK Government and I have make a CSR from IIS8 and use their returned .P7B file using the certmgr (I selected Computer and import the certs)

The updated error message is now ..... 

An unknown error has occurred in the WMI Provider. Error Code 80070520 > System.Runtime.InteropServices.COMException (0x80070520): A specified logon session does not exist. It may already have been terminated. (Exception from HRESULT: 0x80070520)

Please see:

Got Error 0x80070520 When Binding Certificate to Web Site on IIS 7

Getting "A specified logon session does not exist. It may already have been terminated." while binding SSL certificates from a second server

Hope it helps.