ISA Web Proxy filter failed to bind its socket to port 443

Issue

When starting ISA services or restarting a server, ISA may be unable to bind to port 443.

Event Type: Warning
Event Source: Microsoft ISA Server Web Proxy
Event ID: 14148
Description:
The Web Proxy filter failed to bind its socket to 192.168.1.1 port 443. This may have been caused by another service that is already using the same port or by a network adapter that is not functional. To resolve this issue, restart the Microsoft Firewall service. The error code specified in the data area of the event properties indicates the cause of the failure.

NETSTAT reveals it is the SYSTEM process (PID 4)
C:\>netstat -ano 

Active Connections

  Proto  Local Address          Foreign Address        State           PID
  ...
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       4
  ...


Process Explorer doesn't show any unusual third party process that may be causing the issue.

Resolution

This can be caused by installing products such as Certificate Services which create bindings for port 443 in IIS. IIS loads before ISA, so takes control of port 443.

To find out if IIS has any bindings to port 443 use one of the following methods:
C:\Inetpub\AdminScripts>cscript //nologo adsutil.vbs get w3svc/1/securebindings


C:\>find ":443:" C:\WINDOWS\system32\inetsrv\MetaBase.xml


An example of a 443 binding:
<IIsWebServer Location="/LM/W3SVC/1" AppPoolId="DefaultAppPool" DefaultDoc="Default.aspx,Default.htm,Default.asp,index.htm,iisstart.htm" LogPluginClsid="{FF160663-DE82-11CF-BC0A-00AA006111E0}" SecureBindings=":443:" ServerAutoStart="TRUE" ServerBindings=":80:" ServerComment="Default Web Site" ServerSize="1" />


To remove all secure bindings run the following commands:
C:\Inetpub\AdminScripts>cscript //nologo adsutil.vbs delete w3svc/1/securebindings

deleted property "securebindings"

C:\Inetpub\AdminScripts>iisreset

Attempting stop...
Internet services successfully stopped
Attempting start...
Internet services successfully restarted


Now restarting the Microsoft Firewall service should result in the published website being available.

Products

Microsoft Internet Information Services 6.0
Microsoft Internet Security and Acceleration Server 2004 SP3
Microsoft Windows Server 2003 (any)

Created: 19th January 2012
Updated: 19th January 2012


© 2005-2017 Jamie Morrison