Tonight I was doing some load testing on an application I’m developing. Initially I was testing without SSL, but then needed to switch over to SSL, but hadn’t setup by development server with a cert. I jumped onto ssl4net (a free online certificate management site) and created a new cert for my server and proceeded to import it in IIS 7, but got the error “A specified login session does not exist. It may already have been terminated”.

I jumped around on Google for a bit and found this post by Omri Gazitt, and another post by FreakCode. The first talked about granting everyone permissions to the file that corresponds to the cert (on my computer the RSA certs are located at C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys). I remember doing something similar to this before, but it just didn’t seem right. The second post suggested marking the certificate as exportable when importing in IIS, and I had already done that so that wasn’t my problem either.

I decided to remove the cert, and try using the MMC Certificate snap-in to import the cert. I also gave it a friendly name from with-in the MMC. Going back to IIS and selecting this cert in the binding dialog no longer produced an error. I don’t know if it was how I imported it, or the friendly name, but it is/was too late to go back and play with it any more.