Exchange: An error occurred while using SSL configuration for endpoint

After changing the certificate on Exchange 2013+2016 (AND you have rebooted it – or it will happen eventually if you forget!), you may experience this when logging into ECP, you get the username and password prompt, you press login and – BAM:

You look in the event logs, and you see this:

EventID: 15021
An error occurred while using SSL configuration for endpoint The error status code is contained within the returned data.

No need to be scared, this is not difficult to use, what happens is that the IIS websites are not having the new certificate set, and the certificate window under the binding in IIS is just empty:

Just click the dropdown menu, and select the correct certificate you have imported and run a IISRESET on the command prompt afterwards or even better reboot the server if possible.

This issue occurs if the SSL binding on has one of more of the following issues:

  • The binding is installed incorrectly
  • The binding doesn’t have a certificate assigned.
  • The binding contains incorrect information.

For example, this issue occurs if the certificate hash of the binding is different from that of other bindings for application ID 4dc3e181-e14b-4a21-b022-59fc669b0914.

You can also fix via command prompt:

Type “netsh http show sslcert”:

Remove and replace the wrong certificate hash for by running this:

“netsh http delete sslcert ipport=”

“netsh http add sslcert ipport= certhash=a1d2a8d3275634xxxxxxxxxxxxxxxxx appid=”{4dc3e181-e14b-4a21-b022-59fc669b0914}”

Note: replace certhash with the full hash of your cert!

Reboot the server or do IISRESET command πŸ™‚


You get a blank page after logging in EAC or OWA in Exchange 2013 or Exchange 2016 (

Microsoft Exchange 2013 shows blank ECP & OWA after changes to SSL certificates |



  1. Gal Cohen

    I found this article 5 minutes after figuring it out. Leaving a comment for others that might see this. Try it, it fixed my issue!

    1. Martin (Post author)

      Thnaks a lot πŸ™‚

      best regards

  2. Dominic

    This worked great. I am an IT intern at a midsized medical production company in the states. Mail Exchange server went down when the Senior Sys Admin was out of town. Executives had Microsoft on the phone going down a rabbithole of troubleshooting database logs that had been delete. I saw the server pushing out SSL cert errors and then found a link to this page. Had it back up and running in about 10 minutes. Definitely got some brownie points from the team, so I thought I’d give you a thanks!

    Have a good one and hello from Minnesota USA!

    1. Martin (Post author)

      Wow thanks a lot for the kind words!
      Glad it helped and good luck with the brownies πŸ™‚

      Best regards

  3. Mortimer

    Thank you, thank you, THANK YOU!!
    Had to reboot a server this holiday weekend to swap out a failed UPS and for a while I thought I was going to be spending the rest of the day trying to figure out why Outlook, OWA and even EAC would not work. Second Google result for the error and I found this page.

    1. Martin (Post author)

      Glad to hear! thanks πŸ™‚

      Best regards

  4. Alistair Vernon

    Thank you, your are a life saver.

    1. Martin (Post author)

      Thanks πŸ™‚ – Glad to hear πŸ™‚

      Best regards


Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.