Today I was trying to upgrade Exchange Server 2019 RTM to cumulative update CU 5 stopped with an error. The upgrade went up to Step 10 and errored out with the following error message.

Error:

 The following error was generated when "$error.Clear();
 Install-ExchangeCertificate -services IIS -DomainController $RoleDomainController
 if ($RoleIsDatacenter -ne $true -And $RoleIsPartnerHosted -ne $true)
 {
 Install-AuthCertificate -DomainController $RoleDomainController
 }
 " was run: "Microsoft.Exchange.Management.Clients.FormsAuthenticationMarkPathUnknownSetError: An unexpected error occurred while modifying the forms authentication settings for path /LM/W3SVC/1. The error returned was 5506.
 at Microsoft.Exchange.Configuration.Tasks.Task.ThrowError(Exception exception, ErrorCategory errorCategory, Object target, String helpUrl)
 at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
 at Microsoft.Exchange.Management.SystemConfigurationTasks.InstallExchangeCertificate.EnableForServices(X509Certificate2 cert, AllowedServices services)
 at Microsoft.Exchange.Management.SystemConfigurationTasks.InstallExchangeCertificate.InternalProcessRecord()
 at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__91_1()
 at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)". 

To resolve this issue, I opened the Internet Information Services Manager and went to the Default website and right click and bindings option and changed the certificate from the third party one to the self-signed certificate.

Restarted the IIS using the command iisreset from the command prompt.

Restarted the Exchange CU upgrade and the upgrade completed successfully.

After the upgrade, I changed the Default website binding back third party certificate for the https binding.

Hope this would help someone.

1 Comment

  1. Benjamin Chen

    I was stuck on this for 4 week before running into your fix. We went from Exchange 2019 RTM directly to CU8 after changing SSL from existing to self-signed.

    I was able to use the same method to upgrade Exchange 2016 CU8 to CU19 using the same procedure.

    Thank you.

Leave a Reply

Your email address will not be published. Required fields are marked *