search cancel

The IIS Admin Service terminated with the following service-specific error: Invalid Signature.

book

Article ID: 173738

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

While trying to get client machines registered to the Symantec Management Platform (SMP), we noticed that IIS services are not able to restart.

The Application logs on the SMP, shows the following type of messages:

Event 1:

Log Name:      Application
Source:        ASP.NET 4.0.30319.0
Date:          2/20/2019 5:52:44 PM
Event ID:      1309
Task Category: Web Event
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      itms01.domain.local
Description:
Event code: 3001
Event message: The request has been aborted.
Event time: 2/20/2019 5:52:44 PM
Event time (UTC): 2/20/2019 11:52:44 PM
Event ID: 457d7df2f7e44a49afa4ac554c8d4b2b
Event sequence: 73
Event occurrence: 3
Event detail code: 0
 
Application information:
    Application domain: /LM/W3SVC/1/ROOT/Altiris/NS/Agent-3-131951788094324615
    Trust level: Full
    Application Virtual Path: /Altiris/NS/Agent
    Application Path: D:\Program Files\Altiris\Notification Server\AgentWeb\Agent\
    Machine name: ITMS01
 
Process information:
    Process ID: 3476
    Process name: w3wp.exe
    Account name: IIS APPPOOL\Symantec Agent AppPool
 
Exception information:
    Exception type: HttpException
    Exception message: Request timed out.
Request information:
    Request URL: https://itms01.domain.local:443/altiris/NS/Agent/GetClientCertificate.aspx
    Request path: /altiris/NS/Agent/GetClientCertificate.aspx
    User host address: 172.25.4.177
    User:  
    Is authenticated: False
    Authentication Type:  
    Thread account name:domain\altirissvc
 
Thread information:
    Thread ID: 179
    Thread account name: domain\altirissvc
    Is impersonating: False

 

Event 2:

Log Name:      System
Source:        Service Control Manager
Date:          2/20/2019 5:52:44 PM
Event ID:      7024
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      itms01.domain.local
Description:
The IIS Admin Service service terminated with the following service-specific error:
Invalid Signature.
 

While you try to restart IIS (by running IISReset commmand), it fails complaining that IIS Admin service can't start. Because of this, processes in the SMP Console, like creating a CEM package or loading the Certificate Manager pages can't load.

Log Name:      System
Source:        Service Control Manager
Date:          2/20/2019 5:52:44 PM
Event ID:      7024
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      itms01.domain.local
Description:
The IIS Admin Service service terminated with the following service-specific error:
Invalid Signature.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="49152">7024</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2019-02-20T23:52:44.370193500Z" />
    <EventRecordID>175318</EventRecordID>
    <Correlation />
    <Execution ProcessID="592" ThreadID="6108" />
    <Channel>System</Channel>
    <Computer>itms01.lpcres.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">IIS Admin Service</Data>
    <Data Name="param2">%%2148073478</Data>
    <Binary>490049005300410044004D0049004E000000</Binary>
  </EventData>
</Event>

Cause

Microsoft issue, possibly caused by corruption of one of the C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys (or C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys in previous OS versions) files.

Resolution

Please contact Microsoft for assistance. A quick reference that may help to troubleshoot this issue by yourself is https://social.technet.microsoft.com/wiki/contents/articles/23797.windows-troubleshooting-could-not-start-the-iis-admin-service-error-code-2146893818.aspx

In this particular instance working with Microsoft the customer was able to get the IIS Admin service started after uninstalling the "IIS 6 Metabase Compatibility" Role Service:

  1. Open "Server Manager" for your Windows Server
  2. Under Manage, select "Remove Roles and Features"
  3. Select "Server Roles" on the left tree
  4. Under "Roles", expand "Web Server (IIS)>"Management Tools">IIS 6 Management Compatibility
  5. uncheck "IIS 6 Metabase Compatibility". Follow the next steps provided by the UI.