Solved

Old SSL cert still showing after renewal - IIS 6.0

Posted on 2006-10-20
4
1,123 Views
Last Modified: 2008-01-09
Hi everyone,

Yesterday I ran into an odd issue at a client site.  One of their websites in IIS 6.0 (Win 2003 SP1) was recently updated with a renewed Thawte SSL certificate.  When I try to log into the web site locally using SSL, the site shows the updated certificate.  When I try to log into the web site from the internet I am still seeing the expired cert.  I removed the cert from IIS and the certificate store, restrated IIS, and then tried importing the cert, but still no luck.  The web servers are load balanced, but the client swears they do not do any SSL acceleration and that the certs have always been stored on the web servers.  

The strange thing is, when I remove the SSL cert from IIS and turn off the SSL port the problem still occurs from the internet.  Locally, the SSL site is unavailable.

Any help is greatly appreciated.

-Dan
0
Comment
Question by:dbruzzone79
  • 2
4 Comments
 
LVL 34

Expert Comment

by:Dave_Dietz
ID: 17775484
Do you by any chance have a citrix secure gateway server set up?

If not, do you have an SSL accelerator device in use?

Dave Dietz
0
 

Author Comment

by:dbruzzone79
ID: 17775841
From what they have told me, they do not have a citrix secure gateway server or an SSL accelerator.  One of their developers is working with their managed hosting provider to see if the load balancer could be the culprit.  
0
 
LVL 34

Accepted Solution

by:
Dave_Dietz earned 250 total points
ID: 17778240
Since you are able to hit the site from the outside via SSL even with the SSL port disabled on the website you absolutely have something else acting as an SSL endpoint that is then forwarding the traffic via standard HTTP.

Once you find that device/service you should simply have to import the certificate there to resolve the issue.

Dave Dietz
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

What is an ISAPI filter?   •      It's an assembly (.dll file) that can add or change the way IIS works.   •      They can be enabled globally for your web server or on a site-by-site basis.   When the IIS server receives a request, enabling the ISAPI fi…
Are you using email marketing software? If not, you're missing out on effortless marketing and the reaching of desired conversion rates through email marketing software.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now