"cjobes" <cjobes@nova-tech.org> wrote in message
news:%23Hl331ZREHA.3580@TK2MSFTNGP10.phx.gbl...
> Hi everyone,
>
> I'm testing a new app on a standalone 2003. The website is mapped to a
> single IP address that is only used by this website. The app works fine
with
> anonymous access. I want to use SSL for the sole purpose of encrypting
> traffic. User authentication is done within the app.
>
> I installed a certificate server (root CA) on the same box and added the
> certificate to the website. I then checked "ignore client certificates".
> When I try to connect to the website with http it correctly tells me that
> SSL is required. When I try to connect with https://ipaddress I get an
error
> that the page is not available.
>
> Why is this not working? I tried the IE on the server as well as IE from
> another box on the local net. Both IE have SSL 2 and 3 enabled.
>
> Any help would be very much appreciated.
>
> Thanks,
> Claus
>
>

"cjobes" <cjobes@nova-tech.org> wrote in message
news:uag9O0kREHA.3300@TK2MSFTNGP09.phx.gbl...
> Some further info on this.
>
> The server is listening on port 443. I checked it with telnet. The lab
setup
> is a workgroup. The DNS has a zone testlab.com with 2 entries (www and
> webserver) pointing to the IP that the website is using. the certificate
> name is webserver.testlab.com. Ping works for IP as well as the 2 names.
The
> app comes up with both names and the IP when I disable SSL.
>
> I searched MS and everything else I could find on the net. Does anybody
have
> an idea what else I can try?
>
> Thanks,
>
> Claus
> "cjobes" <cjobes@nova-tech.org> wrote in message
> news:%23Hl331ZREHA.3580@TK2MSFTNGP10.phx.gbl...
> > Hi everyone,
> >
> > I'm testing a new app on a standalone 2003. The website is mapped to a
> > single IP address that is only used by this website. The app works fine
> with
> > anonymous access. I want to use SSL for the sole purpose of encrypting
> > traffic. User authentication is done within the app.
> >
> > I installed a certificate server (root CA) on the same box and added the
> > certificate to the website. I then checked "ignore client certificates".
> > When I try to connect to the website with http it correctly tells me
that
> > SSL is required. When I try to connect with https://ipaddress I get an
> error
> > that the page is not available.
> >
> > Why is this not working? I tried the IE on the server as well as IE from
> > another box on the local net. Both IE have SSL 2 and 3 enabled.
> >
> > Any help would be very much appreciated.
> >
> > Thanks,
> > Claus
> >
> >
>
>

"Bernard" <qbernard@hotmail.com.discuss> wrote in message
news:OBrZTrvREHA.3016@tk2msftngp13.phx.gbl...
> what's the error SSL diag report ?
> anything in event log ?
>
> --
> Regards,
> Bernard Cheah
> http://www.tryiis.com/
> http://support.microsoft.com/
> http://www.msmvps.com/bernard/
>
>
>
> "cjobes" <cjobes@nova-tech.org> wrote in message
> news:eBW6d4mREHA.3528@TK2MSFTNGP09.phx.gbl...
> > Additional Info:
> >
> > I found the SSL Diag tool (great help). The problem is the cert that I
> > created with cert server. I don't know why yet, but if I use the SSL
Diag
> > tool to create a new cert, the website works. Now the question is, why
> does
> > the cert server create a cert that isn't working?
> >
> > Does anybody have any idea about this one?
> >
> > Thanks,
> >
> > Claus
> > "cjobes" <cjobes@nova-tech.org> wrote in message
> > news:uag9O0kREHA.3300@TK2MSFTNGP09.phx.gbl...
> > > Some further info on this.
> > >
> > > The server is listening on port 443. I checked it with telnet. The lab
> > setup
> > > is a workgroup. The DNS has a zone testlab.com with 2 entries (www and
> > > webserver) pointing to the IP that the website is using. the
certificate
> > > name is webserver.testlab.com. Ping works for IP as well as the 2
names.
> > The
> > > app comes up with both names and the IP when I disable SSL.
> > >
> > > I searched MS and everything else I could find on the net. Does
anybody
> > have
> > > an idea what else I can try?
> > >
> > > Thanks,
> > >
> > > Claus
> > > "cjobes" <cjobes@nova-tech.org> wrote in message
> > > news:%23Hl331ZREHA.3580@TK2MSFTNGP10.phx.gbl...
> > > > Hi everyone,
> > > >
> > > > I'm testing a new app on a standalone 2003. The website is mapped to
a
> > > > single IP address that is only used by this website. The app works
> fine
> > > with
> > > > anonymous access. I want to use SSL for the sole purpose of
encrypting
> > > > traffic. User authentication is done within the app.
> > > >
> > > > I installed a certificate server (root CA) on the same box and added
> the
> > > > certificate to the website. I then checked "ignore client
> certificates".
> > > > When I try to connect to the website with http it correctly tells me
> > that
> > > > SSL is required. When I try to connect with https://ipaddress I get
an
> > > error
> > > > that the page is not available.
> > > >
> > > > Why is this not working? I tried the IE on the server as well as IE
> from
> > > > another box on the local net. Both IE have SSL 2 and 3 enabled.
> > > >
> > > > Any help would be very much appreciated.
> > > >
> > > > Thanks,
> > > > Claus
> > > >
> > > >
> > >
> > >
> >
> >
>
>

"cjobes" <cjobes@nova-tech.org> wrote in message
news:eBW6d4mREHA.3528@TK2MSFTNGP09.phx.gbl...
> Additional Info:
>
> I found the SSL Diag tool (great help). The problem is the cert that I
> created with cert server. I don't know why yet, but if I use the SSL Diag
> tool to create a new cert, the website works. Now the question is, why
does
> the cert server create a cert that isn't working?
>
> Does anybody have any idea about this one?
>
> Thanks,
>
> Claus
> "cjobes" <cjobes@nova-tech.org> wrote in message
> news:uag9O0kREHA.3300@TK2MSFTNGP09.phx.gbl...
> > Some further info on this.
> >
> > The server is listening on port 443. I checked it with telnet. The lab
> setup
> > is a workgroup. The DNS has a zone testlab.com with 2 entries (www and
> > webserver) pointing to the IP that the website is using. the certificate
> > name is webserver.testlab.com. Ping works for IP as well as the 2 names.
> The
> > app comes up with both names and the IP when I disable SSL.
> >
> > I searched MS and everything else I could find on the net. Does anybody
> have
> > an idea what else I can try?
> >
> > Thanks,
> >
> > Claus
> > "cjobes" <cjobes@nova-tech.org> wrote in message
> > news:%23Hl331ZREHA.3580@TK2MSFTNGP10.phx.gbl...
> > > Hi everyone,
> > >
> > > I'm testing a new app on a standalone 2003. The website is mapped to a
> > > single IP address that is only used by this website. The app works
fine
> > with
> > > anonymous access. I want to use SSL for the sole purpose of encrypting
> > > traffic. User authentication is done within the app.
> > >
> > > I installed a certificate server (root CA) on the same box and added
the
> > > certificate to the website. I then checked "ignore client
certificates".
> > > When I try to connect to the website with http it correctly tells me
> that
> > > SSL is required. When I try to connect with https://ipaddress I get an
> > error
> > > that the page is not available.
> > >
> > > Why is this not working? I tried the IE on the server as well as IE
from
> > > another box on the local net. Both IE have SSL 2 and 3 enabled.
> > >
> > > Any help would be very much appreciated.
> > >
> > > Thanks,
> > > Claus
> > >
> > >
> >
> >
>
>

"Bernard" <qbernard@hotmail.com.discuss> wrote in message
news:%23E49p$6REHA.2716@tk2msftngp13.phx.gbl...
> Ok. the SSL cert is meant for inhouse dev test purposes. and for your
> previous cert without more error detail, I don't know what's wrong with
it.
> Next, regarding the browser warning. it is due to you are browsing https
> page, but inside it you have refer to non https page. e.g. your image ref
is
> using 'http://aaa.com/images/abc.gif".... you can solve this by removing
all
> http reference in the page.
>
> --
> Regards,
> Bernard Cheah
> http://www.tryiis.com/
> http://support.microsoft.com/
> http://www.msmvps.com/bernard/
>
>
>
> "cjobes" <cjobes@nova-tech.org> wrote in message
> news:#4YiYjxREHA.3348@TK2MSFTNGP09.phx.gbl...
> > The error was during negociation. -28....... kind of error. KB brought
up
> 2
> > problems that didn't relate to my situation. I assumed that the cert was
> > somehow faulty and created a new one with selfssl. That fixed it.
> >
> > The app comes up and works but every second or third screen I get the
> > warning box "This page contains both secure and non secure items. Do you
> > want to continue?" It doesn't seem to matter if I click yes or no. The
app
> > will continue working. But this will drive my users nuts!
> >
> > Does anybody know what causes this?
> >
> > Claus
> > "Bernard" <qbernard@hotmail.com.discuss> wrote in message
> > news:OBrZTrvREHA.3016@tk2msftngp13.phx.gbl...
> > > what's the error SSL diag report ?
> > > anything in event log ?
> > >
> > > --
> > > Regards,
> > > Bernard Cheah
> > > http://www.tryiis.com/
> > > http://support.microsoft.com/
> > > http://www.msmvps.com/bernard/
> > >
> > >
> > >
> > > "cjobes" <cjobes@nova-tech.org> wrote in message
> > > news:eBW6d4mREHA.3528@TK2MSFTNGP09.phx.gbl...
> > > > Additional Info:
> > > >
> > > > I found the SSL Diag tool (great help). The problem is the cert that
I
> > > > created with cert server. I don't know why yet, but if I use the SSL
> > Diag
> > > > tool to create a new cert, the website works. Now the question is,
why
> > > does
> > > > the cert server create a cert that isn't working?
> > > >
> > > > Does anybody have any idea about this one?
> > > >
> > > > Thanks,
> > > >
> > > > Claus
> > > > "cjobes" <cjobes@nova-tech.org> wrote in message
> > > > news:uag9O0kREHA.3300@TK2MSFTNGP09.phx.gbl...
> > > > > Some further info on this.
> > > > >
> > > > > The server is listening on port 443. I checked it with telnet. The
> lab
> > > > setup
> > > > > is a workgroup. The DNS has a zone testlab.com with 2 entries (www
> and
> > > > > webserver) pointing to the IP that the website is using. the
> > certificate
> > > > > name is webserver.testlab.com. Ping works for IP as well as the 2
> > names.
> > > > The
> > > > > app comes up with both names and the IP when I disable SSL.
> > > > >
> > > > > I searched MS and everything else I could find on the net. Does
> > anybody
> > > > have
> > > > > an idea what else I can try?
> > > > >
> > > > > Thanks,
> > > > >
> > > > > Claus
> > > > > "cjobes" <cjobes@nova-tech.org> wrote in message
> > > > > news:%23Hl331ZREHA.3580@TK2MSFTNGP10.phx.gbl...
> > > > > > Hi everyone,
> > > > > >
> > > > > > I'm testing a new app on a standalone 2003. The website is
mapped
> to
> > a
> > > > > > single IP address that is only used by this website. The app
works
> > > fine
> > > > > with
> > > > > > anonymous access. I want to use SSL for the sole purpose of
> > encrypting
> > > > > > traffic. User authentication is done within the app.
> > > > > >
> > > > > > I installed a certificate server (root CA) on the same box and
> added
> > > the
> > > > > > certificate to the website. I then checked "ignore client
> > > certificates".
> > > > > > When I try to connect to the website with http it correctly
tells
> me
> > > > that
> > > > > > SSL is required. When I try to connect with https://ipaddress I
> get
> > an
> > > > > error
> > > > > > that the page is not available.
> > > > > >
> > > > > > Why is this not working? I tried the IE on the server as well as
> IE
> > > from
> > > > > > another box on the local net. Both IE have SSL 2 and 3 enabled.
> > > > > >
> > > > > > Any help would be very much appreciated.
> > > > > >
> > > > > > Thanks,
> > > > > > Claus
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>

"cjobes" <cjobes@nova-tech.org> wrote in message
news:#4YiYjxREHA.3348@TK2MSFTNGP09.phx.gbl...
> The error was during negociation. -28....... kind of error. KB brought up
2
> problems that didn't relate to my situation. I assumed that the cert was
> somehow faulty and created a new one with selfssl. That fixed it.
>
> The app comes up and works but every second or third screen I get the
> warning box "This page contains both secure and non secure items. Do you
> want to continue?" It doesn't seem to matter if I click yes or no. The app
> will continue working. But this will drive my users nuts!
>
> Does anybody know what causes this?
>
> Claus
> "Bernard" <qbernard@hotmail.com.discuss> wrote in message
> news:OBrZTrvREHA.3016@tk2msftngp13.phx.gbl...
> > what's the error SSL diag report ?
> > anything in event log ?
> >
> > --
> > Regards,
> > Bernard Cheah
> > http://www.tryiis.com/
> > http://support.microsoft.com/
> > http://www.msmvps.com/bernard/
> >
> >
> >
> > "cjobes" <cjobes@nova-tech.org> wrote in message
> > news:eBW6d4mREHA.3528@TK2MSFTNGP09.phx.gbl...
> > > Additional Info:
> > >
> > > I found the SSL Diag tool (great help). The problem is the cert that I
> > > created with cert server. I don't know why yet, but if I use the SSL
> Diag
> > > tool to create a new cert, the website works. Now the question is, why
> > does
> > > the cert server create a cert that isn't working?
> > >
> > > Does anybody have any idea about this one?
> > >
> > > Thanks,
> > >
> > > Claus
> > > "cjobes" <cjobes@nova-tech.org> wrote in message
> > > news:uag9O0kREHA.3300@TK2MSFTNGP09.phx.gbl...
> > > > Some further info on this.
> > > >
> > > > The server is listening on port 443. I checked it with telnet. The
lab
> > > setup
> > > > is a workgroup. The DNS has a zone testlab.com with 2 entries (www
and
> > > > webserver) pointing to the IP that the website is using. the
> certificate
> > > > name is webserver.testlab.com. Ping works for IP as well as the 2
> names.
> > > The
> > > > app comes up with both names and the IP when I disable SSL.
> > > >
> > > > I searched MS and everything else I could find on the net. Does
> anybody
> > > have
> > > > an idea what else I can try?
> > > >
> > > > Thanks,
> > > >
> > > > Claus
> > > > "cjobes" <cjobes@nova-tech.org> wrote in message
> > > > news:%23Hl331ZREHA.3580@TK2MSFTNGP10.phx.gbl...
> > > > > Hi everyone,
> > > > >
> > > > > I'm testing a new app on a standalone 2003. The website is mapped
to
> a
> > > > > single IP address that is only used by this website. The app works
> > fine
> > > > with
> > > > > anonymous access. I want to use SSL for the sole purpose of
> encrypting
> > > > > traffic. User authentication is done within the app.
> > > > >
> > > > > I installed a certificate server (root CA) on the same box and
added
> > the
> > > > > certificate to the website. I then checked "ignore client
> > certificates".
> > > > > When I try to connect to the website with http it correctly tells
me
> > > that
> > > > > SSL is required. When I try to connect with https://ipaddress I
get
> an
> > > > error
> > > > > that the page is not available.
> > > > >
> > > > > Why is this not working? I tried the IE on the server as well as
IE
> > from
> > > > > another box on the local net. Both IE have SSL 2 and 3 enabled.
> > > > >
> > > > > Any help would be very much appreciated.
> > > > >
> > > > > Thanks,
> > > > > Claus
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>

> With regard to the other post, I'm aware that I can change the browser
> settings, but that doesn't fix the problem at the server.

"cjobes" <cjobes@nova-tech.org> wrote in message
news:evAD5s9REHA.644@tk2msftngp13.phx.gbl...
> I looked through some of the code (it's a big app). Everything I saw is
rel
> ref like ../images/abc.gif. which means that it should stay in https -
> right?
>
> With regard to the other post, I'm aware that I can change the browser
> settings, but that doesn't fix the problem at the server.
>
> "Bernard" <qbernard@hotmail.com.discuss> wrote in message
> news:%23E49p$6REHA.2716@tk2msftngp13.phx.gbl...
> > Ok. the SSL cert is meant for inhouse dev test purposes. and for your
> > previous cert without more error detail, I don't know what's wrong with
> it.
> > Next, regarding the browser warning. it is due to you are browsing https
> > page, but inside it you have refer to non https page. e.g. your image
ref
> is
> > using 'http://aaa.com/images/abc.gif".... you can solve this by removing
> all
> > http reference in the page.
> >
> > --
> > Regards,
> > Bernard Cheah
> > http://www.tryiis.com/
> > http://support.microsoft.com/
> > http://www.msmvps.com/bernard/
> >
> >
> >
> > "cjobes" <cjobes@nova-tech.org> wrote in message
> > news:#4YiYjxREHA.3348@TK2MSFTNGP09.phx.gbl...
> > > The error was during negociation. -28....... kind of error. KB brought
> up
> > 2
> > > problems that didn't relate to my situation. I assumed that the cert
was
> > > somehow faulty and created a new one with selfssl. That fixed it.
> > >
> > > The app comes up and works but every second or third screen I get the
> > > warning box "This page contains both secure and non secure items. Do
you
> > > want to continue?" It doesn't seem to matter if I click yes or no. The
> app
> > > will continue working. But this will drive my users nuts!
> > >
> > > Does anybody know what causes this?
> > >
> > > Claus
> > > "Bernard" <qbernard@hotmail.com.discuss> wrote in message
> > > news:OBrZTrvREHA.3016@tk2msftngp13.phx.gbl...
> > > > what's the error SSL diag report ?
> > > > anything in event log ?
> > > >
> > > > --
> > > > Regards,
> > > > Bernard Cheah
> > > > http://www.tryiis.com/
> > > > http://support.microsoft.com/
> > > > http://www.msmvps.com/bernard/
> > > >
> > > >
> > > >
> > > > "cjobes" <cjobes@nova-tech.org> wrote in message
> > > > news:eBW6d4mREHA.3528@TK2MSFTNGP09.phx.gbl...
> > > > > Additional Info:
> > > > >
> > > > > I found the SSL Diag tool (great help). The problem is the cert
that
> I
> > > > > created with cert server. I don't know why yet, but if I use the
SSL
> > > Diag
> > > > > tool to create a new cert, the website works. Now the question is,
> why
> > > > does
> > > > > the cert server create a cert that isn't working?
> > > > >
> > > > > Does anybody have any idea about this one?
> > > > >
> > > > > Thanks,
> > > > >
> > > > > Claus
> > > > > "cjobes" <cjobes@nova-tech.org> wrote in message
> > > > > news:uag9O0kREHA.3300@TK2MSFTNGP09.phx.gbl...
> > > > > > Some further info on this.
> > > > > >
> > > > > > The server is listening on port 443. I checked it with telnet.
The
> > lab
> > > > > setup
> > > > > > is a workgroup. The DNS has a zone testlab.com with 2 entries
(www
> > and
> > > > > > webserver) pointing to the IP that the website is using. the
> > > certificate
> > > > > > name is webserver.testlab.com. Ping works for IP as well as the
2
> > > names.
> > > > > The
> > > > > > app comes up with both names and the IP when I disable SSL.
> > > > > >
> > > > > > I searched MS and everything else I could find on the net. Does
> > > anybody
> > > > > have
> > > > > > an idea what else I can try?
> > > > > >
> > > > > > Thanks,
> > > > > >
> > > > > > Claus
> > > > > > "cjobes" <cjobes@nova-tech.org> wrote in message
> > > > > > news:%23Hl331ZREHA.3580@TK2MSFTNGP10.phx.gbl...
> > > > > > > Hi everyone,
> > > > > > >
> > > > > > > I'm testing a new app on a standalone 2003. The website is
> mapped
> > to
> > > a
> > > > > > > single IP address that is only used by this website. The app
> works
> > > > fine
> > > > > > with
> > > > > > > anonymous access. I want to use SSL for the sole purpose of
> > > encrypting
> > > > > > > traffic. User authentication is done within the app.
> > > > > > >
> > > > > > > I installed a certificate server (root CA) on the same box and
> > added
> > > > the
> > > > > > > certificate to the website. I then checked "ignore client
> > > > certificates".
> > > > > > > When I try to connect to the website with http it correctly
> tells
> > me
> > > > > that
> > > > > > > SSL is required. When I try to connect with https://ipaddress
I
> > get
> > > an
> > > > > > error
> > > > > > > that the page is not available.
> > > > > > >
> > > > > > > Why is this not working? I tried the IE on the server as well
as
> > IE
> > > > from
> > > > > > > another box on the local net. Both IE have SSL 2 and 3
enabled.
> > > > > > >
> > > > > > > Any help would be very much appreciated.
> > > > > > >
> > > > > > > Thanks,
> > > > > > > Claus
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>