Recently, I have assisted a Premier customer who installed a new certificate on Windows Server 2008 R2 but was unable to bind the certificate to the Website hosted on IIS. 7.5. This is the error we were getting:
A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001
Log Name: System
Date: 7/2/2016 9:52:25 AM
Event ID: 36870
Task Category: None
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030D. The internal error state is 10001.
The error indicates that IIS is not able to access the certificate’s private key.
Steps we took to fix the issue:
- Contact your certificate vendor for a certificate with private key. Import the cert and do the binding in IIS.
- Temporary Workaround:
- Assuming this is a valid certificate, verify that the certificate includes a private key. Double clicking the certificate in certificate manager (Certificate store) should say “You have a private key that corresponds to this certificate”:
- Export certificate with its private key
- Now re-imported using the “Mark the private key exportable”.
- Now do the binding in IIS.