“Cannot complete request” when logging on via NetScaler using dual factor authentication and SSON to StoreFront Server 3.14

The certificate hash shown did not match the one binding to the SSL port 443 in IIS (correct cert hash starts with 89BA19BD4…)

Delete the legacy certificate causing errors via CLI command

Netsh http delete sslcert ipport=

Note: The legacy certificate was associated with another set of StoreFront servers (3 SF servers) instead of the new certificate created for this new set of 2 SF servers.


When issuing the CLI command:

“netsh http show sslcert” – we now see that the certificate is gone

When testing logging on to the NetScaler, we were able to SSON to SF server using the 2 factor authentication in place and keeping the setting “Enable Loopback Communication” set to ON (Under SF – Edit Receiver for Web Site – Advanced Settings)


  • No Related Posts

Leave a Reply