|
Home > Archive > IIS Server Security > September 2005 > IIS SSL Site Page Not Found - have tried everything
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
IIS SSL Site Page Not Found - have tried everything
|
|
| Daniel J. Reynolds 2005-08-15, 5:53 pm |
| I have a default web site on IIS 5 set up with a SSL Certificate
issued by our in-house certificate authority. When "Require SSL
certificate" is not checked the default web page "default.html" is
returned via http://rs.domain.com If "require SSL certificate" is
checked, a page "SSL required" is returned.
When "require SSL certificate" is checked and the page is fetched with
https://rs.domain.com "Page not found ... Cannot find server or DNS
error" is returned.
-----------------------------------------------------------------------------------------
This behavior is when IE6 SP1 is used as the browser.
-----------------------------------------------------------------------------------------
All updates SP's etc are the most current!!
The proper page IS returned when foxfire is used as the browser and
https://rs.domain.com is requested.
netstat -an (on the web server) shows the site's IP addr is listening
on both port 80 and port 443.
MS SSL diagnostics is able to retrieve the page when run on the web
server. (log is listed below)
MS webfetch program is able to retrieve the page over the intranet
when the protocal is set to HTTPS but not when set to HTTP. (log is
listed below)
Have tried most of the suggestions found in messages in google groups
to no avail. Have ried to remove and reinstall both certificates, web
server and root authority in browser.
Thanks in advance, I have faith that someone has the answer.
RESULTS FROM SSL Diagnostics program
---------------------------------------------------------------------------
System time: Mon, 15 Aug 2005 21:07:28 GMT
Connecting to 10.6.21.80:443
Connected
Handshake: 78 bytes sent
Handshake: 2097 bytes received
Handshake: 182 bytes sent
Handshake: 43 bytes received
Handshake succeeded
Verifying server certificate, it might take a while...
Server certificate name: rs.domain.com
Server certificate subject: C=US, S=INDIANA, L=OGDEN DUNES, O=High
Aspect Development Corporation, OU=High Aspect Development
Corporation, CN=rs.domain.com
Server certificate issuer: E=dan@domain.com, C=US, S=IN, L=Ogden
Dunes, O=High Aspect Development Corporation, OU=High Aspect, CN=High
Aspect Enterprise Certificate Authority
Server certificate validity: From 8/15/2005 2:48:46 PM To 8/15/2007
2:48:46 PM
HTTPS request:
GET / HTTP/1.0
User-Agent: SSLDiag
Accept:*/*
HTTPS: 72 bytes of encrypted data sent
HTTPS: 923 bytes of encrypted data received
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
X-Powered-By: ASP.NET
Content-Location: https://10.6.21.80/default.html
Date: Mon, 15 Aug 2005 21:07:28 GMT
Content-Type: text/html
Accept-Ranges: bytesLast-Modified: Fri, 12 Aug 2005 21:22:01 GMT
ETag: "821916e1839fc51:e67"
Content-Length: 539
<HTML>
<HEAD>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
<META HTTP-EQUIV="Cache-Control" CONTENT="Private">
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
<META HTTP-EQUIV="Content-Type" content="text/html;
charset=iso-8859-1">
<TITLE>High Aspect Development</TITLE>
</HEAD>
<BODY>
<Center>
<p><font face="Comic Sans MS" size="6">High Aspect
Development</font></p>
<p align="center"><font face="Comic Sans MS" size="3">Report
Server</font></p>
</CENTER>
</BODY>
</HTML>
HTTPS: server disconnected
Final handshake: 23 bytes sent successfully
RESULTS from wfetch program
---------------------------------------------------------
started....resolve hostname
"rs.domain.com"WWWConnect::Connect("10.6.21.80","443")\nsource port:
1508\r\n
REQUEST: **************\nGET / HTTP/1.1\r\n
Host: rs.domain.com\r\n
Accept: */*\r\n
\r\n
RESPONSE: **************\nHTTP/1.1 200 OK\r\n
Server: Microsoft-IIS/5.0\r\n
X-Powered-By: ASP.NET\r\n
Content-Location: https://rs.domain.com/default.html\r\n
Date: Mon, 15 Aug 2005 21:13:49 GMT\r\n
Content-Type: text/html\r\n
Accept-Ranges: bytes\r\n
Last-Modified: Fri, 12 Aug 2005 21:22:01 GMT\r\n
ETag: "821916e1839fc51:e67"\r\n
Content-Length: 539\r\n
\r\n
<HTML>\r\n
<HEAD>\r\n
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">\r\n
<META HTTP-EQUIV="Expires" CONTENT="-1">\r\n
<META HTTP-EQUIV="Cache-Control" CONTENT="Private">\r\n
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">\r\n
<META HTTP-EQUIV="Content-Type" content="text/html;
charset=iso-8859-1">\r\n
<TITLE>High Aspect Development</TITLE>\r\n
</HEAD>\r\n
<BODY>\r\n
<Center>\r\n
<p><font face="Comic Sans MS" size="6">High Aspect
Development</font></p>\r\n
<p align="center"><font face="Comic Sans MS" size="3">Report
Server</font></p>\r\n
</CENTER>\r\n
</BODY>\r\n
</HTML>\r\n
\r\n
finished.
I have a default web site on IIS 5 set up with a SSL Certificate
issued by our
in-house certificate authority. When "Require SSL certificate" is not
checked
the default web page "default.html" is returned via
http://rs.domain.com
If "require SSL certificate" is not checked, a page "SSL required" is
returned.
When the page is fetched with https://rs.domain.com "Page not found
.... Cannot
find server or DNS error" is returned.
This behavior is when IE6 SP1 is used as the browser.
The proper page IS returned when foxfire is used as the browser.
netstat -an (on the web server) shows the site's IP addr is listening
on both port 80 and port 443.
MS SSL diagnostics is able to retrieve the page when run on the web
server. (log is listed below)
MS webfetch program is able to retrieve the page over the intranet
when the protocal is set to HTTPS
but not when set to HTTP. (log is listed be,low)
RESULTS FROM SSL Diagnostics program
------------------------------------
System time: Mon, 15 Aug 2005 21:07:28 GMT
Connecting to 10.6.21.80:443
Connected
Handshake: 78 bytes sent
Handshake: 2097 bytes received
Handshake: 182 bytes sent
Handshake: 43 bytes received
Handshake succeeded
Verifying server certificate, it might take a while...
Server certificate name: rs.domain.com
Server certificate subject: C=US, S=INDIANA, L=OGDEN DUNES, O=High
Aspect Development Corporation, OU=High Aspect Development
Corporation, CN=rs.domain.com
Server certificate issuer: E=dan@domain.com, C=US, S=IN, L=Ogden
Dunes, O=High Aspect Development Corporation, OU=High Aspect, CN=High
Aspect Enterprise Certificate Authority
Server certificate validity: From 8/15/2005 2:48:46 PM To 8/15/2007
2:48:46 PM
HTTPS request:
GET / HTTP/1.0
User-Agent: SSLDiag
Accept:*/*
HTTPS: 72 bytes of encrypted data sent
HTTPS: 923 bytes of encrypted data received
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
X-Powered-By: ASP.NET
Content-Location: https://10.6.21.80/default.html
Date: Mon, 15 Aug 2005 21:07:28 GMT
Content-Type: text/html
Accept-Ranges: bytesLast-Modified: Fri, 12 Aug 2005 21:22:01 GMT
ETag: "821916e1839fc51:e67"
Content-Length: 539
<HTML>
<HEAD>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
<META HTTP-EQUIV="Cache-Control" CONTENT="Private">
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
<META HTTP-EQUIV="Content-Type" content="text/html;
charset=iso-8859-1">
<TITLE>High Aspect Development</TITLE>
</HEAD>
<BODY>
<Center>
<p><font face="Comic Sans MS" size="6">High Aspect
Development</font></p>
<p align="center"><font face="Comic Sans MS" size="3">Report
Server</font></p>
</CENTER>
</BODY>
</HTML>
HTTPS: server disconnected
Final handshake: 23 bytes sent successfully
RESULTS from wfetch program
---------------------------
started....resolve hostname
"rs.domain.com"WWWConnect::Connect("10.6.21.80","443")\nsource port:
1508\r\n
REQUEST: **************\nGET / HTTP/1.1\r\n
Host: rs.domain.com\r\n
Accept: */*\r\n
\r\n
RESPONSE: **************\nHTTP/1.1 200 OK\r\n
Server: Microsoft-IIS/5.0\r\n
X-Powered-By: ASP.NET\r\n
Content-Location: https://rs.domain.com/default.html\r\n
Date: Mon, 15 Aug 2005 21:13:49 GMT\r\n
Content-Type: text/html\r\n
Accept-Ranges: bytes\r\n
Last-Modified: Fri, 12 Aug 2005 21:22:01 GMT\r\n
ETag: "821916e1839fc51:e67"\r\n
Content-Length: 539\r\n
\r\n
<HTML>\r\n
<HEAD>\r\n
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">\r\n
<META HTTP-EQUIV="Expires" CONTENT="-1">\r\n
<META HTTP-EQUIV="Cache-Control" CONTENT="Private">\r\n
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">\r\n
<META HTTP-EQUIV="Content-Type" content="text/html;
charset=iso-8859-1">\r\n
<TITLE>High Aspect Development</TITLE>\r\n
</HEAD>\r\n
<BODY>\r\n
<Center>\r\n
<p><font face="Comic Sans MS" size="6">High Aspect
Development</font></p>\r\n
<p align="center"><font face="Comic Sans MS" size="3">Report
Server</font></p>\r\n
</CENTER>\r\n
</BODY>\r\n
</HTML>\r\n
\r\n
finished.
| |
| Sparky Polastri 2005-09-16, 6:00 pm |
| Check your firewall/router setup to make sure port 80 and port 443 are both
translated to the internal IP correctly.
"Daniel J. Reynolds" <dan@highaspect.com> wrote in message
news:4s12g1lrsolke84jej7ouhahusgqtc3ebn@
4ax.com...
>I have a default web site on IIS 5 set up with a SSL Certificate
> issued by our in-house certificate authority. When "Require SSL
> certificate" is not checked the default web page "default.html" is
> returned via http://rs.domain.com If "require SSL certificate" is
> checked, a page "SSL required" is returned.
>
> When "require SSL certificate" is checked and the page is fetched with
> https://rs.domain.com "Page not found ... Cannot find server or DNS
> error" is returned.
>
> -----------------------------------------------------------------------------------------
> This behavior is when IE6 SP1 is used as the browser.
> -----------------------------------------------------------------------------------------
>
> All updates SP's etc are the most current!!
>
> The proper page IS returned when foxfire is used as the browser and
> https://rs.domain.com is requested.
>
> netstat -an (on the web server) shows the site's IP addr is listening
> on both port 80 and port 443.
>
> MS SSL diagnostics is able to retrieve the page when run on the web
> server. (log is listed below)
>
> MS webfetch program is able to retrieve the page over the intranet
> when the protocal is set to HTTPS but not when set to HTTP. (log is
> listed below)
>
> Have tried most of the suggestions found in messages in google groups
> to no avail. Have ried to remove and reinstall both certificates, web
> server and root authority in browser.
>
> Thanks in advance, I have faith that someone has the answer.
>
> RESULTS FROM SSL Diagnostics program
> ---------------------------------------------------------------------------
>
> System time: Mon, 15 Aug 2005 21:07:28 GMT
> Connecting to 10.6.21.80:443
> Connected
> Handshake: 78 bytes sent
> Handshake: 2097 bytes received
> Handshake: 182 bytes sent
> Handshake: 43 bytes received
> Handshake succeeded
> Verifying server certificate, it might take a while...
> Server certificate name: rs.domain.com
> Server certificate subject: C=US, S=INDIANA, L=OGDEN DUNES, O=High
> Aspect Development Corporation, OU=High Aspect Development
> Corporation, CN=rs.domain.com
> Server certificate issuer: E=dan@domain.com, C=US, S=IN, L=Ogden
> Dunes, O=High Aspect Development Corporation, OU=High Aspect, CN=High
> Aspect Enterprise Certificate Authority
> Server certificate validity: From 8/15/2005 2:48:46 PM To 8/15/2007
> 2:48:46 PM
> HTTPS request:
> GET / HTTP/1.0
> User-Agent: SSLDiag
> Accept:*/*
> HTTPS: 72 bytes of encrypted data sent
> HTTPS: 923 bytes of encrypted data received
> HTTP/1.1 200 OK
> Server: Microsoft-IIS/5.0
> X-Powered-By: ASP.NET
> Content-Location: https://10.6.21.80/default.html
> Date: Mon, 15 Aug 2005 21:07:28 GMT
> Content-Type: text/html
> Accept-Ranges: bytesLast-Modified: Fri, 12 Aug 2005 21:22:01 GMT
> ETag: "821916e1839fc51:e67"
> Content-Length: 539
> <HTML>
> <HEAD>
> <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
> <META HTTP-EQUIV="Expires" CONTENT="-1">
> <META HTTP-EQUIV="Cache-Control" CONTENT="Private">
> <META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
> <META HTTP-EQUIV="Content-Type" content="text/html;
> charset=iso-8859-1">
> <TITLE>High Aspect Development</TITLE>
> </HEAD>
> <BODY>
> <Center>
> <p><font face="Comic Sans MS" size="6">High Aspect
> Development</font></p>
> <p align="center"><font face="Comic Sans MS" size="3">Report
> Server</font></p>
> </CENTER>
> </BODY>
> </HTML>
> HTTPS: server disconnected
> Final handshake: 23 bytes sent successfully
>
>
> RESULTS from wfetch program
> ---------------------------------------------------------
>
> started....resolve hostname
> "rs.domain.com"WWWConnect::Connect("10.6.21.80","443")\nsource port:
> 1508\r\n
> REQUEST: **************\nGET / HTTP/1.1\r\n
> Host: rs.domain.com\r\n
> Accept: */*\r\n
> \r\n
> RESPONSE: **************\nHTTP/1.1 200 OK\r\n
> Server: Microsoft-IIS/5.0\r\n
> X-Powered-By: ASP.NET\r\n
> Content-Location: https://rs.domain.com/default.html\r\n
> Date: Mon, 15 Aug 2005 21:13:49 GMT\r\n
> Content-Type: text/html\r\n
> Accept-Ranges: bytes\r\n
> Last-Modified: Fri, 12 Aug 2005 21:22:01 GMT\r\n
> ETag: "821916e1839fc51:e67"\r\n
> Content-Length: 539\r\n
> \r\n
> <HTML>\r\n
> <HEAD>\r\n
> <META HTTP-EQUIV="Pragma" CONTENT="no-cache">\r\n
> <META HTTP-EQUIV="Expires" CONTENT="-1">\r\n
> <META HTTP-EQUIV="Cache-Control" CONTENT="Private">\r\n
> <META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">\r\n
> <META HTTP-EQUIV="Content-Type" content="text/html;
> charset=iso-8859-1">\r\n
> <TITLE>High Aspect Development</TITLE>\r\n
> </HEAD>\r\n
> <BODY>\r\n
> <Center>\r\n
> <p><font face="Comic Sans MS" size="6">High Aspect
> Development</font></p>\r\n
> <p align="center"><font face="Comic Sans MS" size="3">Report
> Server</font></p>\r\n
> </CENTER>\r\n
> </BODY>\r\n
> </HTML>\r\n
> \r\n
> finished.
>
>
>
> I have a default web site on IIS 5 set up with a SSL Certificate
> issued by our
> in-house certificate authority. When "Require SSL certificate" is not
> checked
> the default web page "default.html" is returned via
> http://rs.domain.com
> If "require SSL certificate" is not checked, a page "SSL required" is
> returned.
> When the page is fetched with https://rs.domain.com "Page not found
> ... Cannot
> find server or DNS error" is returned.
>
> This behavior is when IE6 SP1 is used as the browser.
>
> The proper page IS returned when foxfire is used as the browser.
>
> netstat -an (on the web server) shows the site's IP addr is listening
> on both port 80 and port 443.
>
> MS SSL diagnostics is able to retrieve the page when run on the web
> server. (log is listed below)
>
> MS webfetch program is able to retrieve the page over the intranet
> when the protocal is set to HTTPS
> but not when set to HTTP. (log is listed be,low)
>
> RESULTS FROM SSL Diagnostics program
> ------------------------------------
>
> System time: Mon, 15 Aug 2005 21:07:28 GMT
> Connecting to 10.6.21.80:443
> Connected
> Handshake: 78 bytes sent
> Handshake: 2097 bytes received
> Handshake: 182 bytes sent
> Handshake: 43 bytes received
> Handshake succeeded
> Verifying server certificate, it might take a while...
> Server certificate name: rs.domain.com
> Server certificate subject: C=US, S=INDIANA, L=OGDEN DUNES, O=High
> Aspect Development Corporation, OU=High Aspect Development
> Corporation, CN=rs.domain.com
> Server certificate issuer: E=dan@domain.com, C=US, S=IN, L=Ogden
> Dunes, O=High Aspect Development Corporation, OU=High Aspect, CN=High
> Aspect Enterprise Certificate Authority
> Server certificate validity: From 8/15/2005 2:48:46 PM To 8/15/2007
> 2:48:46 PM
> HTTPS request:
> GET / HTTP/1.0
> User-Agent: SSLDiag
> Accept:*/*
> HTTPS: 72 bytes of encrypted data sent
> HTTPS: 923 bytes of encrypted data received
> HTTP/1.1 200 OK
> Server: Microsoft-IIS/5.0
> X-Powered-By: ASP.NET
> Content-Location: https://10.6.21.80/default.html
> Date: Mon, 15 Aug 2005 21:07:28 GMT
> Content-Type: text/html
> Accept-Ranges: bytesLast-Modified: Fri, 12 Aug 2005 21:22:01 GMT
> ETag: "821916e1839fc51:e67"
> Content-Length: 539
> <HTML>
> <HEAD>
> <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
> <META HTTP-EQUIV="Expires" CONTENT="-1">
> <META HTTP-EQUIV="Cache-Control" CONTENT="Private">
> <META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
> <META HTTP-EQUIV="Content-Type" content="text/html;
> charset=iso-8859-1">
> <TITLE>High Aspect Development</TITLE>
> </HEAD>
> <BODY>
> <Center>
> <p><font face="Comic Sans MS" size="6">High Aspect
> Development</font></p>
> <p align="center"><font face="Comic Sans MS" size="3">Report
> Server</font></p>
> </CENTER>
> </BODY>
> </HTML>
> HTTPS: server disconnected
> Final handshake: 23 bytes sent successfully
>
>
> RESULTS from wfetch program
> ---------------------------
>
> started....resolve hostname
> "rs.domain.com"WWWConnect::Connect("10.6.21.80","443")\nsource port:
> 1508\r\n
> REQUEST: **************\nGET / HTTP/1.1\r\n
> Host: rs.domain.com\r\n
> Accept: */*\r\n
> \r\n
> RESPONSE: **************\nHTTP/1.1 200 OK\r\n
> Server: Microsoft-IIS/5.0\r\n
> X-Powered-By: ASP.NET\r\n
> Content-Location: https://rs.domain.com/default.html\r\n
> Date: Mon, 15 Aug 2005 21:13:49 GMT\r\n
> Content-Type: text/html\r\n
> Accept-Ranges: bytes\r\n
> Last-Modified: Fri, 12 Aug 2005 21:22:01 GMT\r\n
> ETag: "821916e1839fc51:e67"\r\n
> Content-Length: 539\r\n
> \r\n
> <HTML>\r\n
> <HEAD>\r\n
> <META HTTP-EQUIV="Pragma" CONTENT="no-cache">\r\n
> <META HTTP-EQUIV="Expires" CONTENT="-1">\r\n
> <META HTTP-EQUIV="Cache-Control" CONTENT="Private">\r\n
> <META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">\r\n
> <META HTTP-EQUIV="Content-Type" content="text/html;
> charset=iso-8859-1">\r\n
> <TITLE>High Aspect Development</TITLE>\r\n
> </HEAD>\r\n
> <BODY>\r\n
> <Center>\r\n
> <p><font face="Comic Sans MS" size="6">High Aspect
> Development</font></p>\r\n
> <p align="center"><font face="Comic Sans MS" size="3">Report
> Server</font></p>\r\n
> </CENTER>\r\n
> </BODY>\r\n
> </HTML>\r\n
> \r\n
> finished.
>
>
|
|
|
|
|