My installer is built with build 3.0.4714. It installs a VeriSign EV SSL cert (in one component) and a new website (in another component). If the website is configured without an SSL binding (e.g. no CertificateReference to the cert), the install works and the cert appears in IIS manager under "Server Certificates". The cert appears with private key intact. However, after the install has completed, if I attempt (using the IIS 7 admin console) to manually add a secure binding to the newly-created site using the newly-installed cert, I get the error "A specified logon session does not exist. It may already have been terminated. (Exception from HRESULT: 0x80070520)".
This sounds like the problem described here: http://forums.iis.net/t/1149042.aspx. I am suspicious the CA is installing the cert, but without the "Mark Exportable" flag.
As soon as I add a secure binding to the website component, where the binding is configured via a CertificateReference to the installed SSL cert, the installer fails with a "Failed to write to metabase /LM/W3SVC/siteid/" message, presumably because the above error is being encountered by the CA. Note, however, that I did not verify this with a debugger.
My interim work-around is to remove the SSL cert from the installer, and install it manually on the target system (with "Mark Exportable"), then manually add the SSL binding to the website after the installer runs.
This artifact has been marked as a duplicate of artifact 2155318 with reason:
Private keys of certificates are currently being incorrectly deleted.