This article is contributed. See the original author and article here.

IIS uses bindings to determine where to redirect requests. These bindings can be secured (https – mostly on port 443) or unsecured (http – mostly on 80).

 

In a case I worked on, I came across to this error while trying to add an https binding: The request is not supported (Exception from HRESULT: 0x80070032).

Nedim_0-1598277126016.png

 

The PowerShell command below gave an error too

 

netsh http add sslcert ipport=[IP:port] appid="[APP ID]" certhash=[HASH] certstorename=MY

 

SSL Certificate add failed, Error: 50
The request is not supported

Nedim_1-1598277126022.png

 

 

Additionally, Windows Update wasn’t working neither. It displayed the following error.

“We couldn’t connect to the update service. We’ll try again later, or you can check now.”

 

Solution

 

Since both secure binding and Windows Update were failing, the issue seemed to be related to TLS protocol settings.

 

If you are troubleshooting a similar issue, make sure TLS protocols and encryption algorithms are enabled. Additionally, check if secure cipher suites are enabled. In our case, there was only one cipher suite defined. This was the reason of both binding and Windows Update issues.

 

We followed the steps below to use default cipher suite list:

  1. Go to “Start > Run“. Enter: gpedit.msc
  2. In the left pane, expand “Computer Configuration > Administrative Templates > Network > SSL Configuration Settings
  3. In the right pane, right click “SSL Cipher Suite Order” and choose “Edit
  4. Save the text inside “SSL Chiper Suite” field to a Notepad for backup
  5. Select “Not Configured
  6. Click “OK
  7. Restart the server (gpupdate doesn’t enforce this setting. You should restart the server)

Nedim_2-1598277126042.jpeg

 

 

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.