Complete the following steps on all the StoreFront servers to troubleshoot this issue:
- Open the IIS console > Servername > Server Certificates
1) Make sure the Certificate Issued To name matches the StoreFront Base URL.
2) Make sure the Expiration Date is not expired.
3) View the Certificate Details tab of the certificate, verify it contains a private key. If using a SAN certificate, make sure the StoreFront Base URL is listed under the subject alternative names. Wildcard certificates are also supported.
4) View the Certification Path tab of the certificate, confirm that all the Intermediate and Root certificates are properly installed to complete an SSL Handshake.
For more information regarding Server certificates, refer to Microsoft article
– Server Certificate Deployment
– Configure intermediate certificates on a computer that is running IIS for server authentication
- Open the IIS console > Servername > Sites > Default Web Site > Bindings.
2) The SSL certificate matches the StoreFront Base URL.
3) The host name field is empty.
For more information regarding adding a binding, refer to Microsoft article – SSL Bindings