Can't connect via HTTPS from VS 2005b2 to VSS 2005b2 on SBS 2003 (error 0x80072F0D)
Hi,
We've be wrestling with getting VSS up and running, and finally it is working over http.
Now, requiring SSL by going to Server -> Configure on VSS Admin gives us an error:
"Failed to enforce SSL requirement on IIS. VSS Web Service is disabled on this machine. Configure IIS to allow SSL connections and enable the VSS Web Service from SourceSafe Admin."The service gets set up fine, virtual directories and all - but no joy on https. The webserver has a self-signed cert, with the common name being correct and all that, and we can access the WebService fine via a browser, and install the cert.
But, when we try to connect in VS 2005, after requiring SSL in the Plugin Settings, we get the error 0x80072F0D, which appears to be an SSL error or something before the SSL connection is even brought up - as we don't get an entry in our IIS logs.
Any ideas? I've installed the cert and the CA on the Computer account using the Certificates MMC snap-in, and still no joy. We're going nuts over here trying to figure this out...
[1070 byte] By [
NoahM.] at [2007-12-16]
Hello me, it's me again.
The solution to this, is that the CA cert for our self-signed cert did not get installed on the client machines. Despite the fact that the cert for the webserver got installed on the client box via IE, it just wasn't good enough for VSS!
To fix this, you will need to export the public key cert for the CA that signed your webserver's cert.
You can do this by going into mmc, and adding the Certificates snap-in for the Computer that signed yourwebserver's cert. Once you find the CA (typically under Trusted Root Certification Authorities), select Export... from the All Tasks context (right-click) menu, and when prompted do not select the private key.
Follow the same instructions to get the Certificates MMC on the client machine(s), then right-click on Trusted Root Certification Authorities, and select Import... Point it to your exported cert and place it in the Trusted Root Certification Authorities store.
Be sure to go over everything and make sure the rest of the VSS settings in VS are reverted back to defaults from any prior troubleshooting... ;)
Hope this helps someone!
I have been testing this some recently and ran into the same error message you did. While the error messages we received were the same, the resolution was different so I thought I would share it with everyone.
When applying for your certificate, you put in a machine name. While this should be a FQDN, you can put in just the machine name and get through. When starting the process in Visual SourceSafe Admin to setup your VSS Web Service with SSL Certificates in place, you are asked to place in a machine name as well. These two names must match.
As soon as I had either an FQDN in both areas (cert request and VSS Admin configuration for the web service) or just the machine name in both places, it works. If it is mixed (FQDN in one place, machine name in the other) it will not work and this is the error message you will get.
HTH
Brett Keown
Microsoft Developer Support
Team Development Group - DSV
This posting is provided "AS IS" with no warranties, and confers no rights.
