SSL Diagnostics Tool for IIS 7

The SSL Diagnostics tool is a very useful tool for troubleshooting SSL issues.  It generates a detailed report of SSL settings for all the websites on an IIS server which helps in quickly identifying SSL issues.

But the tool was built for IIS 5 and 6, there is no version available which is compatible with IIS 7. The SSL Diagnostics tool does succeed in generating a report on IIS 7 if the IIS 6.0 Metabase Compatibility feature is installed.

To help troubleshoot SSL issues on IIS 7 I have written a tool which works in a similar fashion. It scans all the websites and FTPS sites configured on the server and generates a report which can help in identifying SSL issues.


If any certificate has issues you will get a report as follows.



Generate Report – Scans all websites and FTPS sites on the local server. If a certificate association is found it will list details of the certificate. It also performs a certificate validation on the certificate. For SSL bindings it also attempts to check if a TCP connection can be established.

Simulate SSL Web Request – Right clicking on a https binding gives you this option. It generates a SSL Web request based on the selected binding and displays the response received.

Verify Store – Basically is the output of certutil –verifyStore MY. Useful in identifying certain issues with certificates.


Attached contains SSLDiag.exe.
You do not have to install this but just run the exe. (“Run as Administrator”)
You do not need the IIS 6.0 Metabase Compatibility feature to be installed.
You can also save the report generated for your notes or latter analysis.
Requires .NET 2.0.

Hope it helps in reducing your troubleshooting time on SSL issues.

Bookmark and Share

Comments (9)
  1. SSL says:

    This Is New Comments To Download This Tools

  2. Mike G says:

    I’m having an issue with transport security and this might help.  Thanks

  3. JD says:

    Great tool and so on-time for me. I can use it for for www.****************.com and www.*****************.


  4. dehcbad25 says:

    Great tool. It helped me with something I was trying to do.

    I have been trying to generate a report in all sites bindings inside our web server. This will help me with it, even if it does not exactly does that.

  5. Teddy says:

    I think the title is contrary with the articles here.

    The tools was built to run in IIS 5 & 6, but the title mentioned for IIS 7

  6. Vishal Sindal says:

    It's ultimate application. Thanks for making engineers life easy.

    Also it thrown error on Windows Server 2008 R2 Enterprise SP2, IIS 7.5 even executed with "as Administrator".

    Please advise, if required fix it.

    Thanks a lot again.

    See the end of this message for details on invoking

    just-in-time (JIT) debugging instead of this dialog box.

    Exception Text***

    System.ArgumentNullException: Value cannot be null.

    Parameter name: value

      at System.BitConverter.ToString(Byte[] value)

      at b.d()

      at b.g()

      at System.Windows.Forms.Form.OnLoad(EventArgs e)

      at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)

      at System.Windows.Forms.Control.CreateControl()

      at System.Windows.Forms.Control.WmShowWindow(Message& m)

      at System.Windows.Forms.Control.WndProc(Message& m)

      at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)

      at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)

    ************** Loaded Assemblies **************


       Assembly Version:

       Win32 Version: 2.0.50727.5477 (Win7SP1GDR.050727-5400)

       CodeBase: file:///C:/Windows/Microsoft.NET/Framework64/v2.0.50727/mscorlib.dll



       Assembly Version:

       Win32 Version:

       CodeBase: file:///C:/Users/998258-vishals/Desktop/SSLDiag/SSLDiag.exe



       Assembly Version:

       Win32 Version: 2.0.50727.5468 (Win7SP1GDR.050727-5400)

       CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms/



       Assembly Version:

       Win32 Version: 2.0.50727.5467 (Win7SP1GDR.050727-5400)

       CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System/


    and so on ********

  7. Mehmood says:

    Does it verify the same over internet or not ?

    what to do if the Server Certificate Validation Failed ?

  8. Leo says:

    Where is the Key Container and the Unique container name values pulled from ?

    We are having issues with our client certificates on one of our servers.  The key container has some {GUID}. the Unique container name is missing altogether. That's the only difference we can see between another client cert on another server.


  9. hi says:

    how can i troubleshoot my soundcard. it doesnt work

Comments are closed.

Skip to main content