| Groups | Blog | Home |
iis security : Renewed Certificate not working
Hi,
I have got an strange issue. The problem is, I have just renewed a certificate but its not working i.e. it has been installed properly, visible in request and personal folder in 'certificate snap-in' in MMC, valid date till 2005 but.the site is inaccessible with https:// It was working fine with the previous certificate, which expired, so we asked for a renewed certificate. I first tried with replace certificate, which didn't work, although the certificate was installed properly. Then I start from the scratch and remove all previous entries, install the new certificate again, which was installed properly again, but didn't work. I then even tried to install free sample 30 days certificate which was installed but again, site didn't respond on https:// and keep giving "The page cannot be displayed" error. The last line in the browser says "Cannot find server or DNS Error" so I have tried to run the site using its IP in order to bypass DNS but id didn't work either. Above all it was working fine earlier. The same IP was also being used by other sites in such a way that all were directing to same 'home directory', so I removed all the rest of the sites too. Do anyone of you have any solution for this. I will really appreciate it as I m completely stuck for the last three days. Thanks in advance, Hasnain Internal Support Manager
The problem now is, the renewed certificate indicate no error anywhere but
the site is unaccessible from https:// One more thing, we have another site working with a different certificate on the same server, from same authority. [quoted text, click to view] "Bernard" <qbernard@hotmail.com.discuss> wrote in message news:uIgwjvh8DHA.2412@TK2MSFTNGP09.phx.gbl... > Sorry, so the problem now is renewed cert not working or you still getting > cannot find dns error ? > > -- > Regards, > Bernard Cheah > http://support.microsoft.com/ > Please respond to newsgroups only ... > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > news:eF19Vff8DHA.3704@tk2msftngp13.phx.gbl... > > Hi, > > > > I have got an strange issue. > > > > The problem is, I have just renewed a certificate but its not working i.e. > > it has been installed properly, visible in request and personal folder in > > 'certificate snap-in' in MMC, valid date till 2005 but.the site is > > inaccessible with https:// It was working fine with the previous > > certificate, which expired, so we asked for a renewed certificate. > > > > > > > > I first tried with replace certificate, which didn't work, although the > > certificate was installed properly. > > > > > > > > Then I start from the scratch and remove all previous entries, install the > > new certificate again, which was installed properly again, but didn't > work. > > I then even tried to install free sample 30 days certificate which was > > installed but again, site didn't respond on https:// and keep giving "The > > page cannot be displayed" error. The last line in the browser says "Cannot > > find server or DNS Error" so I have tried to run the site using its IP in > > order to bypass DNS but id didn't work either. Above all it was working > fine > > earlier. The same IP was also being used by other sites in such a way that > > all were directing to same 'home directory', so I removed all the rest of > > the sites too. > > > > > > > > Do anyone of you have any solution for this. I will really appreciate it > as > > I m completely stuck for the last three days. > > > > > > > > Thanks in advance, > > > > > > > > Hasnain > > > > Internal Support Manager > > > > > > > > > >
Sorry, so the problem now is renewed cert not working or you still getting
cannot find dns error ? -- Regards, Bernard Cheah http://support.microsoft.com/ Please respond to newsgroups only ... [quoted text, click to view] "Hasnain" <Sacchal@hotmail.com> wrote in message news:eF19Vff8DHA.3704@tk2msftngp13.phx.gbl... > Hi, > > I have got an strange issue. > > The problem is, I have just renewed a certificate but its not working i.e. > it has been installed properly, visible in request and personal folder in > 'certificate snap-in' in MMC, valid date till 2005 but.the site is > inaccessible with https:// It was working fine with the previous > certificate, which expired, so we asked for a renewed certificate. > > > > I first tried with replace certificate, which didn't work, although the > certificate was installed properly. > > > > Then I start from the scratch and remove all previous entries, install the > new certificate again, which was installed properly again, but didn't work. > I then even tried to install free sample 30 days certificate which was > installed but again, site didn't respond on https:// and keep giving "The > page cannot be displayed" error. The last line in the browser says "Cannot > find server or DNS Error" so I have tried to run the site using its IP in > order to bypass DNS but id didn't work either. Above all it was working fine > earlier. The same IP was also being used by other sites in such a way that > all were directing to same 'home directory', so I removed all the rest of > the sites too. > > > > Do anyone of you have any solution for this. I will really appreciate it as > I m completely stuck for the last three days. > > > > Thanks in advance, > > > > Hasnain > > Internal Support Manager > > > >
not working means that we are getting DNS error.
[quoted text, click to view] "Hasnain" <Sacchal@hotmail.com> wrote in message news:%23vFV%23Wi8DHA.2332@TK2MSFTNGP10.phx.gbl... > The problem now is, the renewed certificate indicate no error anywhere but > the site is unaccessible from https:// > One more thing, we have another site working with a different certificate on > the same server, from same authority. > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > news:uIgwjvh8DHA.2412@TK2MSFTNGP09.phx.gbl... > > Sorry, so the problem now is renewed cert not working or you still getting > > cannot find dns error ? > > > > -- > > Regards, > > Bernard Cheah > > http://support.microsoft.com/ > > Please respond to newsgroups only ... > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > news:eF19Vff8DHA.3704@tk2msftngp13.phx.gbl... > > > Hi, > > > > > > I have got an strange issue. > > > > > > The problem is, I have just renewed a certificate but its not working > i.e. > > > it has been installed properly, visible in request and personal folder > in > > > 'certificate snap-in' in MMC, valid date till 2005 but.the site is > > > inaccessible with https:// It was working fine with the previous > > > certificate, which expired, so we asked for a renewed certificate. > > > > > > > > > > > > I first tried with replace certificate, which didn't work, although the > > > certificate was installed properly. > > > > > > > > > > > > Then I start from the scratch and remove all previous entries, install > the > > > new certificate again, which was installed properly again, but didn't > > work. > > > I then even tried to install free sample 30 days certificate which was > > > installed but again, site didn't respond on https:// and keep giving > "The > > > page cannot be displayed" error. The last line in the browser says > "Cannot > > > find server or DNS Error" so I have tried to run the site using its IP > in > > > order to bypass DNS but id didn't work either. Above all it was working > > fine > > > earlier. The same IP was also being used by other sites in such a way > that > > > all were directing to same 'home directory', so I removed all the rest > of > > > the sites too. > > > > > > > > > > > > Do anyone of you have any solution for this. I will really appreciate it > > as > > > I m completely stuck for the last three days. > > > > > > > > > > > > Thanks in advance, > > > > > > > > > > > > Hasnain > > > > > > Internal Support Manager > > > > > > > > > > > > > > > > > >
so you have at least 2 SSL in one box, are they binding at different IP or
ports ? when you do 'netstat -an' do you see 2 binding on port 443 ? and try - PRB: Error "Page Cannot Be Displayed" When You Connect Through HTTPS http://support.microsoft.com/?id=290391 "Cannot find server" or "DNS" Errors When Using SSL (Q & A) http://support.microsoft.com/?id=292296 -- Regards, Bernard Cheah http://support.microsoft.com/ Please respond to newsgroups only ... [quoted text, click to view] "Hasnain" <Sacchal@hotmail.com> wrote in message news:uiUGOIk8DHA.4044@tk2msftngp13.phx.gbl... > not working means that we are getting DNS error. > > "Hasnain" <Sacchal@hotmail.com> wrote in message > news:%23vFV%23Wi8DHA.2332@TK2MSFTNGP10.phx.gbl... > > The problem now is, the renewed certificate indicate no error anywhere but > > the site is unaccessible from https:// > > One more thing, we have another site working with a different certificate > on > > the same server, from same authority. > > > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > > news:uIgwjvh8DHA.2412@TK2MSFTNGP09.phx.gbl... > > > Sorry, so the problem now is renewed cert not working or you still > getting > > > cannot find dns error ? > > > > > > -- > > > Regards, > > > Bernard Cheah > > > http://support.microsoft.com/ > > > Please respond to newsgroups only ... > > > > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > > news:eF19Vff8DHA.3704@tk2msftngp13.phx.gbl... > > > > Hi, > > > > > > > > I have got an strange issue. > > > > > > > > The problem is, I have just renewed a certificate but its not working > > i.e. > > > > it has been installed properly, visible in request and personal folder > > in > > > > 'certificate snap-in' in MMC, valid date till 2005 but.the site is > > > > inaccessible with https:// It was working fine with the previous > > > > certificate, which expired, so we asked for a renewed certificate. > > > > > > > > > > > > > > > > I first tried with replace certificate, which didn't work, although > the > > > > certificate was installed properly. > > > > > > > > > > > > > > > > Then I start from the scratch and remove all previous entries, install > > the > > > > new certificate again, which was installed properly again, but didn't > > > work. > > > > I then even tried to install free sample 30 days certificate which was > > > > installed but again, site didn't respond on https:// and keep giving > > "The > > > > page cannot be displayed" error. The last line in the browser says > > "Cannot > > > > find server or DNS Error" so I have tried to run the site using its IP > > in > > > > order to bypass DNS but id didn't work either. Above all it was > working > > > fine > > > > earlier. The same IP was also being used by other sites in such a way > > that > > > > all were directing to same 'home directory', so I removed all the rest > > of > > > > the sites too. > > > > > > > > > > > > > > > > Do anyone of you have any solution for this. I will really appreciate > it > > > as > > > > I m completely stuck for the last three days. > > > > > > > > > > > > > > > > Thanks in advance, > > > > > > > > > > > > > > > > Hasnain > > > > > > > > Internal Support Manager > > > > > > > > > > > > > > > > > > > > > > > > > > > >
Those two SSL are on the same box, binded to diffrenet IPs but using same
port number i.e. 443. When I use netstat -an I got so many lines, I hope the following lines you might be interested in: Proto Local Address Foreing Address State TCP 0:0:0:0:443 0.0.0.0 LISTENING UDP "PC IP":53 *:* UDP "PC IP":500 *:* UDP "PC IP":5632 *:* Thanks for the article you mentioned. I had already gone through the article 290391 but 292296 was new to me, but I don't think removing the binding from default web site will work as the other site having another valid certificate (from the same source) is already working perfectly. Do I need to assign different SSL port for another another web site? Please help, thanks, Hasnain. [quoted text, click to view] "Bernard" <qbernard@hotmail.com.discuss> wrote in message news:Olkbd588DHA.1548@tk2msftngp13.phx.gbl... > so you have at least 2 SSL in one box, are they binding at different IP or > ports ? > when you do 'netstat -an' do you see 2 binding on port 443 ? > > and try - > PRB: Error "Page Cannot Be Displayed" When You Connect Through HTTPS > http://support.microsoft.com/?id=290391 > > > "Cannot find server" or "DNS" Errors When Using SSL (Q & A) > http://support.microsoft.com/?id=292296 > > > -- > Regards, > Bernard Cheah > http://support.microsoft.com/ > Please respond to newsgroups only ... > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > news:uiUGOIk8DHA.4044@tk2msftngp13.phx.gbl... > > not working means that we are getting DNS error. > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > news:%23vFV%23Wi8DHA.2332@TK2MSFTNGP10.phx.gbl... > > > The problem now is, the renewed certificate indicate no error anywhere > but > > > the site is unaccessible from https:// > > > One more thing, we have another site working with a different > certificate > > on > > > the same server, from same authority. > > > > > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > > > news:uIgwjvh8DHA.2412@TK2MSFTNGP09.phx.gbl... > > > > Sorry, so the problem now is renewed cert not working or you still > > getting > > > > cannot find dns error ? > > > > > > > > -- > > > > Regards, > > > > Bernard Cheah > > > > http://support.microsoft.com/ > > > > Please respond to newsgroups only ... > > > > > > > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > > > news:eF19Vff8DHA.3704@tk2msftngp13.phx.gbl... > > > > > Hi, > > > > > > > > > > I have got an strange issue. > > > > > > > > > > The problem is, I have just renewed a certificate but its not > working > > > i.e. > > > > > it has been installed properly, visible in request and personal > folder > > > in > > > > > 'certificate snap-in' in MMC, valid date till 2005 but.the site is > > > > > inaccessible with https:// It was working fine with the previous > > > > > certificate, which expired, so we asked for a renewed certificate. > > > > > > > > > > > > > > > > > > > > I first tried with replace certificate, which didn't work, although > > the > > > > > certificate was installed properly. > > > > > > > > > > > > > > > > > > > > Then I start from the scratch and remove all previous entries, > install > > > the > > > > > new certificate again, which was installed properly again, but > didn't > > > > work. > > > > > I then even tried to install free sample 30 days certificate which > was > > > > > installed but again, site didn't respond on https:// and keep giving > > > "The > > > > > page cannot be displayed" error. The last line in the browser says > > > "Cannot > > > > > find server or DNS Error" so I have tried to run the site using its > IP > > > in > > > > > order to bypass DNS but id didn't work either. Above all it was > > working > > > > fine > > > > > earlier. The same IP was also being used by other sites in such a > way > > > that > > > > > all were directing to same 'home directory', so I removed all the > rest > > > of > > > > > the sites too. > > > > > > > > > > > > > > > > > > > > Do anyone of you have any solution for this. I will really > appreciate > > it > > > > as > > > > > I m completely stuck for the last three days. > > > > > > > > > > > > > > > > > > > > Thanks in advance, > > > > > > > > > > > > > > > > > > > > Hasnain > > > > > > > > > > Internal Support Manager > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
Its already binded to its own IP with port SSL 443.
The default web site properties indicate 'All assigned' for SSL 443 [quoted text, click to view] "Bernard" <qbernard@hotmail.com.discuss> wrote in message news:uMKFc6F9DHA.1596@TK2MSFTNGP10.phx.gbl... > Ok now, you have to make sure each cert is binding to its own IP. > IIS MMC - Site's properties - Web site tab - Advanced button, > at the SSL section, click edit - change 'all unassigned' to its IP. > > now, you might want to try SSL diag as well. > http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/downloads/ssldiags.asp > > this will help diagnose SSL error for you. FYI, I have one IP 2 sites with > 2 certs. binding on different ports. > > -- > Regards, > Bernard Cheah > http://support.microsoft.com/ > Please respond to newsgroups only ... > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > news:e#Y87CF9DHA.1592@TK2MSFTNGP10.phx.gbl... > > Those two SSL are on the same box, binded to diffrenet IPs but using same > > port number i.e. 443. > > > > When I use netstat -an I got so many lines, I hope the following lines you > > might be interested in: > > > > Proto Local Address Foreing Address State > > TCP 0:0:0:0:443 0.0.0.0 LISTENING > > UDP "PC IP":53 *:* > > UDP "PC IP":500 *:* > > UDP "PC IP":5632 *:* > > > > Thanks for the article you mentioned. I had already gone through the > article > > 290391 but 292296 was new to me, but I don't think removing the binding > from > > default web site will work as the other site having another valid > > certificate (from the same source) is already working perfectly. Do I need > > to assign different SSL port for another another web site? > > > > Please help, > > > > thanks, > > > > Hasnain. > > > > > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > > news:Olkbd588DHA.1548@tk2msftngp13.phx.gbl... > > > so you have at least 2 SSL in one box, are they binding at different IP > or > > > ports ? > > > when you do 'netstat -an' do you see 2 binding on port 443 ? > > > > > > and try - > > > PRB: Error "Page Cannot Be Displayed" When You Connect Through HTTPS > > > http://support.microsoft.com/?id=290391 > > > > > > > > > "Cannot find server" or "DNS" Errors When Using SSL (Q & A) > > > http://support.microsoft.com/?id=292296 > > > > > > > > > -- > > > Regards, > > > Bernard Cheah > > > http://support.microsoft.com/ > > > Please respond to newsgroups only ... > > > > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > > news:uiUGOIk8DHA.4044@tk2msftngp13.phx.gbl... > > > > not working means that we are getting DNS error. > > > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > > > news:%23vFV%23Wi8DHA.2332@TK2MSFTNGP10.phx.gbl... > > > > > The problem now is, the renewed certificate indicate no error > anywhere > > > but > > > > > the site is unaccessible from https:// > > > > > One more thing, we have another site working with a different > > > certificate > > > > on > > > > > the same server, from same authority. > > > > > > > > > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > > > > > news:uIgwjvh8DHA.2412@TK2MSFTNGP09.phx.gbl... > > > > > > Sorry, so the problem now is renewed cert not working or you still > > > > getting > > > > > > cannot find dns error ? > > > > > > > > > > > > -- > > > > > > Regards, > > > > > > Bernard Cheah > > > > > > http://support.microsoft.com/ > > > > > > Please respond to newsgroups only ... > > > > > > > > > > > > > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > > > > > news:eF19Vff8DHA.3704@tk2msftngp13.phx.gbl... > > > > > > > Hi, > > > > > > > > > > > > > > I have got an strange issue. > > > > > > > > > > > > > > The problem is, I have just renewed a certificate but its not > > > working > > > > > i.e. > > > > > > > it has been installed properly, visible in request and personal > > > folder > > > > > in > > > > > > > 'certificate snap-in' in MMC, valid date till 2005 but.the site > is > > > > > > > inaccessible with https:// It was working fine with the previous > > > > > > > certificate, which expired, so we asked for a renewed > certificate. > > > > > > > > > > > > > > > > > > > > > > > > > > > > I first tried with replace certificate, which didn't work, > > although > > > > the > > > > > > > certificate was installed properly. > > > > > > > > > > > > > > > > > > > > > > > > > > > > Then I start from the scratch and remove all previous entries, > > > install > > > > > the > > > > > > > new certificate again, which was installed properly again, but > > > didn't > > > > > > work. > > > > > > > I then even tried to install free sample 30 days certificate > which > > > was > > > > > > > installed but again, site didn't respond on https:// and keep > > giving > > > > > "The > > > > > > > page cannot be displayed" error. The last line in the browser > says > > > > > "Cannot > > > > > > > find server or DNS Error" so I have tried to run the site using > > its > > > IP > > > > > in > > > > > > > order to bypass DNS but id didn't work either. Above all it was > > > > working > > > > > > fine > > > > > > > earlier. The same IP was also being used by other sites in such > a > > > way > > > > > that > > > > > > > all were directing to same 'home directory', so I removed all > the > > > rest > > > > > of > > > > > > > the sites too. > > > > > > > > > > > > > > > > > > > > > > > > > > > > Do anyone of you have any solution for this. I will really > > > appreciate > > > > it > > > > > > as > > > > > > > I m completely stuck for the last three days. > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks in advance, > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hasnain > > > > > > > > > > > > > > Internal Support Manager > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
Ok now, you have to make sure each cert is binding to its own IP.
IIS MMC - Site's properties - Web site tab - Advanced button, at the SSL section, click edit - change 'all unassigned' to its IP. now, you might want to try SSL diag as well. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/downloads/ssldiags.asp this will help diagnose SSL error for you. FYI, I have one IP 2 sites with 2 certs. binding on different ports. -- Regards, Bernard Cheah http://support.microsoft.com/ Please respond to newsgroups only ... [quoted text, click to view] "Hasnain" <Sacchal@hotmail.com> wrote in message news:e#Y87CF9DHA.1592@TK2MSFTNGP10.phx.gbl... > Those two SSL are on the same box, binded to diffrenet IPs but using same > port number i.e. 443. > > When I use netstat -an I got so many lines, I hope the following lines you > might be interested in: > > Proto Local Address Foreing Address State > TCP 0:0:0:0:443 0.0.0.0 LISTENING > UDP "PC IP":53 *:* > UDP "PC IP":500 *:* > UDP "PC IP":5632 *:* > > Thanks for the article you mentioned. I had already gone through the article > 290391 but 292296 was new to me, but I don't think removing the binding from > default web site will work as the other site having another valid > certificate (from the same source) is already working perfectly. Do I need > to assign different SSL port for another another web site? > > Please help, > > thanks, > > Hasnain. > > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > news:Olkbd588DHA.1548@tk2msftngp13.phx.gbl... > > so you have at least 2 SSL in one box, are they binding at different IP or > > ports ? > > when you do 'netstat -an' do you see 2 binding on port 443 ? > > > > and try - > > PRB: Error "Page Cannot Be Displayed" When You Connect Through HTTPS > > http://support.microsoft.com/?id=290391 > > > > > > "Cannot find server" or "DNS" Errors When Using SSL (Q & A) > > http://support.microsoft.com/?id=292296 > > > > > > -- > > Regards, > > Bernard Cheah > > http://support.microsoft.com/ > > Please respond to newsgroups only ... > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > news:uiUGOIk8DHA.4044@tk2msftngp13.phx.gbl... > > > not working means that we are getting DNS error. > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > > news:%23vFV%23Wi8DHA.2332@TK2MSFTNGP10.phx.gbl... > > > > The problem now is, the renewed certificate indicate no error anywhere > > but > > > > the site is unaccessible from https:// > > > > One more thing, we have another site working with a different > > certificate > > > on > > > > the same server, from same authority. > > > > > > > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > > > > news:uIgwjvh8DHA.2412@TK2MSFTNGP09.phx.gbl... > > > > > Sorry, so the problem now is renewed cert not working or you still > > > getting > > > > > cannot find dns error ? > > > > > > > > > > -- > > > > > Regards, > > > > > Bernard Cheah > > > > > http://support.microsoft.com/ > > > > > Please respond to newsgroups only ... > > > > > > > > > > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > > > > news:eF19Vff8DHA.3704@tk2msftngp13.phx.gbl... > > > > > > Hi, > > > > > > > > > > > > I have got an strange issue. > > > > > > > > > > > > The problem is, I have just renewed a certificate but its not > > working > > > > i.e. > > > > > > it has been installed properly, visible in request and personal > > folder > > > > in > > > > > > 'certificate snap-in' in MMC, valid date till 2005 but.the site is > > > > > > inaccessible with https:// It was working fine with the previous > > > > > > certificate, which expired, so we asked for a renewed certificate. > > > > > > > > > > > > > > > > > > > > > > > > I first tried with replace certificate, which didn't work, > although > > > the > > > > > > certificate was installed properly. > > > > > > > > > > > > > > > > > > > > > > > > Then I start from the scratch and remove all previous entries, > > install > > > > the > > > > > > new certificate again, which was installed properly again, but > > didn't > > > > > work. > > > > > > I then even tried to install free sample 30 days certificate which > > was > > > > > > installed but again, site didn't respond on https:// and keep > giving > > > > "The > > > > > > page cannot be displayed" error. The last line in the browser says > > > > "Cannot > > > > > > find server or DNS Error" so I have tried to run the site using > its > > IP > > > > in > > > > > > order to bypass DNS but id didn't work either. Above all it was > > > working > > > > > fine > > > > > > earlier. The same IP was also being used by other sites in such a > > way > > > > that > > > > > > all were directing to same 'home directory', so I removed all the > > rest > > > > of > > > > > > the sites too. > > > > > > > > > > > > > > > > > > > > > > > > Do anyone of you have any solution for this. I will really > > appreciate > > > it > > > > > as > > > > > > I m completely stuck for the last three days. > > > > > > > > > > > > > > > > > > > > > > > > Thanks in advance, > > > > > > > > > > > > > > > > > > > > > > > > Hasnain > > > > > > > > > > > > Internal Support Manager > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
I just change the assigned IP and it start working through its new IP both
with http and https. I didn't make any changes to DNS so far, so access the site using its new public IP. Then I revert back its previous public IP and the site start giving 'The page cannot be found' and 'DNS Error' in the last, although I was accessing the site through its IP on both the cases. I have also gone through IIS to verify that its IP is not being shared with any other site. [quoted text, click to view] "Bernard" <qbernard@hotmail.com.discuss> wrote in message news:%23iqyUcH9DHA.1548@tk2msftngp13.phx.gbl...
Configured the 2 sites to bind on their own IP at port 80 and 443.
download ssldiag and post the error msgs here. -- Regards, Bernard Cheah http://support.microsoft.com/ Please respond to newsgroups only ... [quoted text, click to view] "Hasnain" <Sacchal@hotmail.com> wrote in message news:uA6O96G9DHA.3364@TK2MSFTNGP09.phx.gbl... > Its already binded to its own IP with port SSL 443. > The default web site properties indicate 'All assigned' for SSL 443 > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > news:uMKFc6F9DHA.1596@TK2MSFTNGP10.phx.gbl... > > Ok now, you have to make sure each cert is binding to its own IP. > > IIS MMC - Site's properties - Web site tab - Advanced button, > > at the SSL section, click edit - change 'all unassigned' to its IP. > > > > now, you might want to try SSL diag as well. > > > http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/downloads/ssldiags.asp > > > > this will help diagnose SSL error for you. FYI, I have one IP 2 sites with > > 2 certs. binding on different ports. > > > > -- > > Regards, > > Bernard Cheah > > http://support.microsoft.com/ > > Please respond to newsgroups only ... > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > news:e#Y87CF9DHA.1592@TK2MSFTNGP10.phx.gbl... > > > Those two SSL are on the same box, binded to diffrenet IPs but using > same > > > port number i.e. 443. > > > > > > When I use netstat -an I got so many lines, I hope the following lines > you > > > might be interested in: > > > > > > Proto Local Address Foreing Address State > > > TCP 0:0:0:0:443 0.0.0.0 LISTENING > > > UDP "PC IP":53 *:* > > > UDP "PC IP":500 *:* > > > UDP "PC IP":5632 *:* > > > > > > Thanks for the article you mentioned. I had already gone through the > > article > > > 290391 but 292296 was new to me, but I don't think removing the binding > > from > > > default web site will work as the other site having another valid > > > certificate (from the same source) is already working perfectly. Do I > need > > > to assign different SSL port for another another web site? > > > > > > Please help, > > > > > > thanks, > > > > > > Hasnain. > > > > > > > > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > > > news:Olkbd588DHA.1548@tk2msftngp13.phx.gbl... > > > > so you have at least 2 SSL in one box, are they binding at different > IP > > or > > > > ports ? > > > > when you do 'netstat -an' do you see 2 binding on port 443 ? > > > > > > > > and try - > > > > PRB: Error "Page Cannot Be Displayed" When You Connect Through HTTPS > > > > http://support.microsoft.com/?id=290391 > > > > > > > > > > > > "Cannot find server" or "DNS" Errors When Using SSL (Q & A) > > > > http://support.microsoft.com/?id=292296 > > > > > > > > > > > > -- > > > > Regards, > > > > Bernard Cheah > > > > http://support.microsoft.com/ > > > > Please respond to newsgroups only ... > > > > > > > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > > > news:uiUGOIk8DHA.4044@tk2msftngp13.phx.gbl... > > > > > not working means that we are getting DNS error. > > > > > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > > > > news:%23vFV%23Wi8DHA.2332@TK2MSFTNGP10.phx.gbl... > > > > > > The problem now is, the renewed certificate indicate no error > > anywhere > > > > but > > > > > > the site is unaccessible from https:// > > > > > > One more thing, we have another site working with a different > > > > certificate > > > > > on > > > > > > the same server, from same authority. > > > > > > > > > > > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > > > > > > news:uIgwjvh8DHA.2412@TK2MSFTNGP09.phx.gbl... > > > > > > > Sorry, so the problem now is renewed cert not working or you > still > > > > > getting > > > > > > > cannot find dns error ? > > > > > > > > > > > > > > -- > > > > > > > Regards, > > > > > > > Bernard Cheah > > > > > > > http://support.microsoft.com/ > > > > > > > Please respond to newsgroups only ... > > > > > > > > > > > > > > > > > > > > > "Hasnain" <Sacchal@hotmail.com> wrote in message > > > > > > > news:eF19Vff8DHA.3704@tk2msftngp13.phx.gbl... > > > > > > > > Hi, > > > > > > > > > > > > > > > > I have got an strange issue. > > > > > > > > > > > > > > > > The problem is, I have just renewed a certificate but its not > > > > working > > > > > > i.e. > > > > > > > > it has been installed properly, visible in request and > personal > > > > folder > > > > > > in > > > > > > > > 'certificate snap-in' in MMC, valid date till 2005 but.the > site > > is > > > > > > > > inaccessible with https:// It was working fine with the > previous > > > > > > > > certificate, which expired, so we asked for a renewed > > certificate. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I first tried with replace certificate, which didn't work, > > > although > > > > > the > > > > > > > > certificate was installed properly. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Then I start from the scratch and remove all previous entries, > > > > install > > > > > > the > > > > > > > > new certificate again, which was installed properly again, but > > > > didn't > > > > > > > work. > > > > > > > > I then even tried to install free sample 30 days certificate > > which > > > > was > > > > > > > > installed but again, site didn't respond on https:// and keep > > > giving > > > > > > "The > > > > > > > > page cannot be displayed" error. The last line in the browser > > says > > > > > > "Cannot > > > > > > > > find server or DNS Error" so I have tried to run the site > using > > > its > > > > IP > > > > > > in > > > > > > > > order to bypass DNS but id didn't work either. Above all it > was > > > > > working > > > > > > > fine > > > > > > > > earlier. The same IP was also being used by other sites in > such > > a > > > > way > > > > > > that > > > > > > > > all were directing to same 'home directory', so I removed all > > the > > > > rest > > > > > > of > > > > > > > > the sites too. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Do anyone of you have any solution for this. I will really > > > > appreciate > > > > > it > > > > > > > as > > > > > > > > I m completely stuck for the last three days. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks in advance, > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hasnain > > > > > > > > > > > > > > > > Internal Support Manager > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
sounds like your previous IP can't establish SSL connection.
is there any firewall or router blocking ? can you browser locally ? have try recreate the web site ? and ssldiag ? -- Regards, Bernard Cheah http://support.microsoft.com/ Please respond to newsgroups only ... [quoted text, click to view] "Hasnain" <Sacchal@hotmail.com> wrote in message news:O6s$c6H9DHA.2524@TK2MSFTNGP11.phx.gbl... > I just change the assigned IP and it start working through its new IP both > with http and https. I didn't make any changes to DNS so far, so access the > site using its new public IP. Then I revert back its previous public IP and > the site start giving 'The page cannot be found' and 'DNS Error' in the > last, although I was accessing the site through its IP on both the cases. I > have also gone through IIS to verify that its IP is not being shared with > any other site. > > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message > news:%23iqyUcH9DHA.1548@tk2msftngp13.phx.gbl... > >
Don't see what you're looking for? Try a search.
|
June 2003
July 2003
August 2003
September 2003
October 2003
November 2003
December 2003
January 2004
February 2004
March 2004
April 2004
May 2004
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
| home · blog · groups | Questions? Comments? Contact the dn |