Yes, but then I get a certificate error when drilling down in the menu to log into the repository. The certificate is a domain certificate issued to the machine FQDN and matches.

If you uncheck SSL, does it work?

No, I have limited the connection to 443. Enabled SSL in Laserfiche and Firewall. Certificate is bound in IIS.
 

Are you using a local certificate or one issued from elsewhere.  Have you configured the LF server itself to use SSL?

Domain issued certificate. Yes, it's configured as noted in the installation documentation. 

http://www.laserfiche.com/support/webhelp/Laserfiche/9.2/en-US/AdminGuide/LFAdmin.htm#Using_SSL_TLS.htm 

The certificate is matched to the trusted root and both the root and local certificate are installed.

Do you have Web Access too?  Was the certificate originally set up for Web Access or for both Web Access and the LF server?

Yes, and it connects and I can browse the folders/files. In this case all LF products are on the same machine / same certificate.

Connected to view a document and metadata:

Open MMC. Under MMC > Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates, what shows there?

Plenty of certificates ... including the domain root which signed the local cert. (no useful screenshot) The cert is current and not expired. Are you looking for anything in particular or just that it exists?

The one you are using for Web Access and LF.  If it is listed there.

1. Open a command prompt window and run the following command

makecert -pe -n "CN=v-sup-2k8r2-2.laserfiche.com" -ss my -sr LocalMachine -a sha1 -sky exchange -eku 1.3.6.1.5.5.7.3.1 -in "LF Test Authority" -is ROOT -ir LocalMachine -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 myhost.cer

Note that “v-sup-2k8r2-2” should be replaced with your actual LF Server computer name and "LF Test Authority" should be replaced with the name of the certificate you want to use for the LF server.

2. Now back in MMC, go to MMC > Certificates (Local Computer) > Personal > Certificates > [the certificate you just made]

3. Open the certificate and look at the details

4. Copy the Thumbprint value into notepad and remove all spaces

5. Open a new command prompt window and go to C:\Windows\System32. Then run the following command

http add sslcert ipport=0.0.0.0:443 certhash=thumbprint_value_without_spaces appid={00112233-4455-6677-8899-AABBCCDDEEFF}

6. Now go into the registry to HKEY_LOCAL_MACHINE\SOFTWARE\Laserfiche\Engine\8.0\HttpServ

7. Create a new dword called SSLPORT and set the value to be 443 (decimal)

8. Restart the Laserfiche Server service

9. Open the LF Admin Console and register a new LF Server instance using v-sup-2k8r2-2.laserfiche.com (the fqdn of your actual computer name) and make sure to also check the "connect with ssl" option

Based on your earlier screenshots you have items 6-8 already.  Just skip to 9 at that point and try again.

I think this is already in place. What are we specifically looking for? I checked the Hash on the certificate and the netsh binding. They match. I don't mean to be dismissive, but I'm looking for the specific change that you feel is not taken care of. I have run through this workflow before. THANKS - I'll come back to this tomorrow. 

Everything points to a misconfigured SSL certificate or a bad DNS entry.  Is dev_lf_lfs.state.al the FQDN of the machine?

If you "ping -a IP" where "IP" is the IP address for the computer. does it return the same name?

Yes. These match.  And the certificate works in all other situations tested, example initial login to the Web Admin Console Application and overall use of Web Access. Both connected over https using windows authentication with that certificate.