Recently I installed a SSL certificate on a Windows Server 2008 computer for the purpose of securing Terminal Services and Terminal Services Gateway (TSG). The certificate was created on a computer running Ubuntu 10.04 LTS (Lucid Lynx) using OpenSSL. The certificate was signed by my own certificate authority.
I had no problem installing the SSL certificate on Windows Server 2008 and it worked well. However, when I rebooted the server, all hell broke loose. The Windows Server 2008 computer hanged (i.e. froze, got hung, freezed up, etc.) during startup, apparently while applying computer settings and starting services.
If I remember correctly, there were no error messages on screen or in the Event Viewer. However, in the Services Control Panel applet, I noticed that several services were stuck at status “starting”.
Since the only change I had made to the computer before the reboot was to install the SSL certificate, I figured the certificate was somehow to blame. This was confirmed by uninstalling the certificate and rebooting the server. In that case, the server started up normally.
Obviously, removing the SSL certificate was not a viable long term solution. Luckily, I found the thread “Windows 2008 (Standard) x64 – Services not starting” on Microsoft’s Technet forums. That user had a similar situation. The thread pointed me to a solution in the Microsoft Knowledge Base article “Windows Server 2008 computers hang during startup while applying computer settings and services configured to start automatically fail to start” (article ID: 2004121).
Here is an excerpt from that KB article, which shows the solution I used to solve my problem:
To resolve this issue you can modify the behavior of HTTP.SYS to depend on another service being started first. To do this, perform the following steps:
- Open Registry Editor
- Navigate to HKLM\SYSTEM\CurrentControlSet\Services\HTTP and create the following Multi-string value: DependOnService
- Double click the new DependOnService entry
- Type CRYPTSVC in the Value Data field and click OK.
- Reboot the server
I hope that helps.
You just saved my f*ng life!
Awesome!
Stan,
I’m glad I could help. It took me a couple of days of pulling my hair out to figure out what the problem was and how to fix it!
We’ve been trying to upgrade our web server for about 2 weeks now and we finally have a solution to the problem. Thank you for your efforts!