When I did the installation on my first CAS server I got the following error during the CAS Role Install:
[ERROR] An unexpected error occurred while the forms-based authentication settings for path /LM/W3SVC/1 were being modified. The error returned was 5506
After a few failed attempts, I solved the problem by removing the certificate binding to 443 in IIS and restarting the install. When the install was done, I found the original ‘Exchange’ generated certificate bound to 443 rather than the certificate I was using. I just bound the correct one and everything seemed to work.
It seems the install is trying to bind a different certificate than the one in the meta base. The HASH doesn’t match causing the error.
Looking deeper, I found I had BOTH the self signed ‘Exchange’ certificate and my current certificate enabled for IMAP and POP. Since I do not use either IMAP or POP, I had never removed the certificate generated by the original Exchange install. I believe that caused the confusion.
The lesson, check to see if multiple certificates are enabled for any CAS services and eliminate the unused ones.