none
HTTPS support in WindowsServerCore image? RRS feed

  • Question

  • Hi,

    Has anybody got HTTPS support working on a container based on WindowsServerCore image?

    I managed to enable it but every time I get wget on the URL the container host keeps crashing.

    Container host event viewer logs an event saying that lsass.exe process resulted in access violation.

    Please help,

    Thanks,

    Tuesday, December 15, 2015 6:40 PM

Answers

  • Hello,

    Unfortunately, HTTPS is not currently supported in containers.

    Regards,
    Ender

    • Marked as answer by Abdul Rasheed Monday, December 28, 2015 10:09 PM
    Tuesday, December 22, 2015 12:31 AM
    Moderator

All replies

  • Below is the procmon trace in CSV format filtered for process lsass.exe when Result is not "SUCCESS"

    ============================================================

    Time of Day","Process Name","PID","Operation","Path","Result","Detail"
    "9:37:09.6116022 AM","wininit.exe","4108","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lsass.exe","NAME NOT FOUND","Desired Access: Query Value, Enumerate Sub Keys"
    "9:37:09.6117299 AM","wininit.exe","4108","CreateFileMapping","\Device\HarddiskVolume4\Windows\System32\lsass.exe","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE"
    "9:37:09.6118854 AM","wininit.exe","4108","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lsass.exe","NAME NOT FOUND","Desired Access: Query Value, Enumerate Sub Keys"
    "9:37:09.6147617 AM","csrss.exe","2348","CreateFile","\Device\HarddiskVolume4\Windows\System32\lsass.exe.Config","NAME NOT FOUND","Desired Access: Generic Read, Dis, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\SYSTEM"
    "9:37:38.1249925 AM","lsass.exe","500","QueryNameInformationFile","C:\Windows\System32\lsass.exe","BUFFER OVERFLOW","Name: \Windo"
    "9:37:38.1250054 AM","lsass.exe","500","QueryNameInformationFile","C:\Windows\System32\lsass.exe","BUFFER OVERFLOW","Name: \Windo"
    "9:37:38.1250151 AM","lsass.exe","500","QueryNameInformationFile","C:\Windows\System32\lsass.exe","BUFFER OVERFLOW","Name: \Windo"
    "9:37:38.1250242 AM","lsass.exe","500","QueryNameInformationFile","C:\Windows\System32\lsass.exe","BUFFER OVERFLOW","Name: \Windo"
    "9:37:38.1250338 AM","lsass.exe","500","QueryNameInformationFile","C:\Windows\System32\lsass.exe","BUFFER OVERFLOW","Name: \Windo"
    "9:37:38.3577740 AM","WerFault.exe","5748","CreateFileMapping","C:\Windows\System32\lsass.exe","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: |PAGE_NOCACHE"
    "9:37:38.3582404 AM","WerFault.exe","5748","CreateFileMapping","C:\Windows\System32\lsass.exe","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: |PAGE_NOCACHE"
    "9:37:38.3589167 AM","WerFault.exe","5748","CreateFileMapping","C:\Windows\System32\lsass.exe","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: |PAGE_NOCACHE"
    "9:37:38.3592449 AM","WerFault.exe","5748","CreateFileMapping","C:\Windows\System32\lsass.exe","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: |PAGE_NOCACHE"
    "9:37:38.3596893 AM","WerFault.exe","5748","CreateFileMapping","C:\Windows\System32\lsass.exe","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: |PAGE_NOCACHE"
    "9:37:38.3600682 AM","WerFault.exe","5748","CreateFileMapping","C:\Windows\System32\lsass.exe","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: |PAGE_NOCACHE"
    "9:37:38.6078434 AM","WerFault.exe","5748","CreateFileMapping","C:\Windows\System32\lsass.exe","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: |PAGE_NOCACHE"
    "9:37:38.6095716 AM","WerFault.exe","5748","DeviceIoControl","C:\Windows\System32\lsass.exe","INVALID PARAMETER","Control: IOCTL_MOUNTDEV_QUERY_DEVICE_NAME"
    "9:37:38.6097301 AM","WerFault.exe","5748","CreateFile","C:\Windows\System32\lsass.exe","NAME INVALID","Desired Access: Read Attributes, Synchronize, Dis, Options: Synchronous IO Non-Alert, Open Reparse Point, Disallow Exclusive, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a"
    "9:37:38.6107725 AM","WerFault.exe","5748","QueryAllInformationFile","C:\Windows\System32\lsass.exe","BUFFER OVERFLOW","CreationTime: 10/30/2015 12:18:13 AM, LastAccessTime: 10/30/2015 12:18:13 AM, LastWriteTime: 10/30/2015 12:18:13 AM, ChangeTime: 12/2/2015 10:09:36 AM, FileAttributes: A, AllocationSize: 61,440, EndOfFile: 57,912, NumberOfLinks: 2, DeletePending: False, Directory: False, IndexNumber: 0x1000000008722, EaSize: 139, Access: Generic Read, Position: 0, Mode: Sequential Access, Synchronous IO Non-Alert, AlignmentRequirement: Word"
    "9:37:38.6294106 AM","WerFault.exe","5748","QueryDirectory","C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_lsass.exe_caf501982e138822386b44f4187ac2fedde365b_db8d4b31_cab_158e1b7f","NO MORE FILES",""
    "9:37:38.6415987 AM","WerFault.exe","5748","CreateFile","C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_lsass.exe_caf501982e138822386b44f4187ac2fedde365b_db8d4b31_16768591","IS DIRECTORY","Desired Access: Generic Write, Read Attributes, Dis, Options: Synchronous IO Non-Alert, Non-Directory File, Disallow Exclusive, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
    "9:37:38.6438968 AM","WerFault.exe","5748","QueryDirectory","C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_lsass.exe_caf501982e138822386b44f4187ac2fedde365b_db8d4b31_16768591","NO MORE FILES",""
    "9:37:39.5054507 AM","wermgr.exe","4340","QuerySecurityFile","C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_lsass.exe_caf501982e138822386b44f4187ac2fedde365b_db8d4b31_cab_158e1b7f","BUFFER OVERFLOW","Information: Label"

    Friday, December 18, 2015 5:47 PM
  • Hello,

    Unfortunately, HTTPS is not currently supported in containers.

    Regards,
    Ender

    • Marked as answer by Abdul Rasheed Monday, December 28, 2015 10:09 PM
    Tuesday, December 22, 2015 12:31 AM
    Moderator