PRB: HTTPS Post from BizTalk Server Fails with Error 80090325 (314252)


The information in this article applies to:

  • Microsoft BizTalk Server 2000 SP1a
  • Microsoft BizTalk Server 2002
This article was previously published under Q314252

SYMPTOMS

When you configure a port and channel combination to use HTTPS, BizTalk Server may fail to properly negotiate a secured connection over HTTPS.

This problem occurs when you install the 128-bit trial certificate from VeriSign on a Web server. In this scenario, only BizTalk Server breaks; you can use HTTPS from an Internet browser to successfully navigate to the secured site.

The following event log may be logged:
An error occurred in BizTalk Server.


Details:
------------------------------
An error occurred during transmission:
A secure connection with the remote server could not be negotiated. The server's certificate may not be valid.
Request information:

Proxy:
Proxy port:80
URL:https://Server/virtual/test.asp
Content-Type:text/plain; charset="utf-8"
User name:
Client certificate:US, North Carolina, Charlotte, Certificate Test, test Request body:119 Bytes
Timeout duration (seconds): 90
Error code:80090325

The server encountered a transport error while processing the messaging port "securetomjones", which uses a transport component with a ProgID of "BizTalk.SendHTTPX.1".

A transmission attempt failed.

CAUSE

This problem occurs because BizTalk Server only searches the local system certificate store for the security certificate that matches. Because the Certificate Installation Wizard and the installation wizards that Microsoft Internet Explorer uses do not place the security certificate in the local system store by default, you must manually place the security certificate in the local system store.

RESOLUTION

To resolve this problem, follow these steps:
  1. Double-click the security certificate or .cer file to start the Certificate Installation Wizard.
  2. Click Install, and then click Next.
  3. Select the Place all certificates in the following stores check box, and then click Browse.
  4. Select the Show physical stores check box.
  5. Click to expand the Trusted Root Certificate Authorities node, and then click Local Computer.
  6. Click OK, and then click Finish.
Modification Type:MajorLast Reviewed:5/23/2003
Keywords:kbprb KB314252
©2002 Microsoft Corporation. All rights reserved.