Solved

Old SSL cert still showing after renewal - IIS 6.0

Posted on 2006-10-20
4
1,124 Views
Last Modified: 2008-01-09
Hi everyone,

Yesterday I ran into an odd issue at a client site.  One of their websites in IIS 6.0 (Win 2003 SP1) was recently updated with a renewed Thawte SSL certificate.  When I try to log into the web site locally using SSL, the site shows the updated certificate.  When I try to log into the web site from the internet I am still seeing the expired cert.  I removed the cert from IIS and the certificate store, restrated IIS, and then tried importing the cert, but still no luck.  The web servers are load balanced, but the client swears they do not do any SSL acceleration and that the certs have always been stored on the web servers.  

The strange thing is, when I remove the SSL cert from IIS and turn off the SSL port the problem still occurs from the internet.  Locally, the SSL site is unavailable.

Any help is greatly appreciated.

-Dan
0
Comment
Question by:dbruzzone79
  • 2
4 Comments
 
LVL 34

Expert Comment

by:Dave_Dietz
ID: 17775484
Do you by any chance have a citrix secure gateway server set up?

If not, do you have an SSL accelerator device in use?

Dave Dietz
0
 

Author Comment

by:dbruzzone79
ID: 17775841
From what they have told me, they do not have a citrix secure gateway server or an SSL accelerator.  One of their developers is working with their managed hosting provider to see if the load balancer could be the culprit.  
0
 
LVL 34

Accepted Solution

by:
Dave_Dietz earned 250 total points
ID: 17778240
Since you are able to hit the site from the outside via SSL even with the SSL port disabled on the website you absolutely have something else acting as an SSL endpoint that is then forwarding the traffic via standard HTTP.

Once you find that device/service you should simply have to import the certificate there to resolve the issue.

Dave Dietz
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What is an ISAPI filter?   •      It's an assembly (.dll file) that can add or change the way IIS works.   •      They can be enabled globally for your web server or on a site-by-site basis.   When the IIS server receives a request, enabling the ISAPI fi…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question