I have a template Win2k3 machine with IIS 6 installed with a valid SSL certificate. The https site works perfectly.
However, after cloning this machine from Virtual Center and applying a unique SID customization, the https site no longer works. IIS still claims to have the SSL certificate installed correctly, but ssldiag says there is a problem.
I have tried resetting the permissions on the MachineKeys directory and contents and various other fixes I've found online, but to no avail. I get the impression that sysprep (which VMwares customization uses) is not handling translation of IIS's metabase properly when it has a SSL certificate installed, but I haven't been able to find any definitive documentation to back this up. Microsoft claims sysprep handles the IIS metabase properly.
Any ideas? Has anyone else had this issue?
I've seen this same issue on Windows 2008 with IIS 7. Open the Certificate MMC and remove the certs and put them back in. You shouldn't need to make any changes within IIS. You can probably script this out with a little bit of WMI.
I noticed the same problem as well.
It seems to be a problem with the private key becoming corrupted/inaccessible after being cloned.
You'll notice that if you try and export one of the certs that are not working you will no longer have the option to export the private key, at least that was the situation in my case.
Re importing the certs solved the problem for me also. I have noticed this on IIS5 and IIS6 servers.