There is a known issue with certificates which are one created with provider “Microsoft RSA SChannel Cryptographic Provider” which is decribed in this Blog. OWA and ECP are looping on FBA logon page.
Recently I had an issue implementing the solution :
certutil -csp “Microsoft RSA SChannel Cryptographic Provider” -importpfx <CertificateFilename>
On one maschine this Command is trowing exeption:
CertUtil: -importPFX command FAILED 0x80090029 (-2146893783 NTE_NOT_SUPPORTED)
CertUtil: The requested operation is not supported.
Cauise for this issue was that there was addidional permission for System on follwong folder: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys.
After removing the permissions the issue no longer exists and the certificate can be imported and OWA is not looping anymore.