Old SSL cert still showing after renewal - IIS 6.0

dbruzzone79
dbruzzone79 used Ask the Experts™
on
Hi everyone,

Yesterday I ran into an odd issue at a client site.  One of their websites in IIS 6.0 (Win 2003 SP1) was recently updated with a renewed Thawte SSL certificate.  When I try to log into the web site locally using SSL, the site shows the updated certificate.  When I try to log into the web site from the internet I am still seeing the expired cert.  I removed the cert from IIS and the certificate store, restrated IIS, and then tried importing the cert, but still no luck.  The web servers are load balanced, but the client swears they do not do any SSL acceleration and that the certs have always been stored on the web servers.  

The strange thing is, when I remove the SSL cert from IIS and turn off the SSL port the problem still occurs from the internet.  Locally, the SSL site is unavailable.

Any help is greatly appreciated.

-Dan
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2007

Commented:
Do you by any chance have a citrix secure gateway server set up?

If not, do you have an SSL accelerator device in use?

Dave Dietz

Author

Commented:
From what they have told me, they do not have a citrix secure gateway server or an SSL accelerator.  One of their developers is working with their managed hosting provider to see if the load balancer could be the culprit.  
Top Expert 2007
Commented:
Since you are able to hit the site from the outside via SSL even with the SSL port disabled on the website you absolutely have something else acting as an SSL endpoint that is then forwarding the traffic via standard HTTP.

Once you find that device/service you should simply have to import the certificate there to resolve the issue.

Dave Dietz

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial