• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 521
  • Last Modified:

IIS 6.0 with SSL issue on a vmware box.

I have a very weird problem,
I have a windows VMWare box (host is win2003 OS)
it has a few guest 2003 servers running.

the host OS does not have IIS installed its IP is 10.0.0.5
one of the guest 2003 servers (IP 10.0.0.6) has IIS.
I issued temp SSL from the IIS console with the setting for all unassigned and get a trusted root SSL installed on it. Now when I got to the server by IP address, I get a warning that it is not matching the domain, however I see the right trusted SSL installed. however, if I go to the server with the FQDN, I see a warning message that it does not match the name and the certificate is showing that it was issued by the temp SSL from IP 10.0.0.5 which is the ip of the host OS not the guest.
I deleted the certificate and set the website on IIS to have 10.0.0.6 as the IP of the website and created the SSL and got the trusted certificate reissued from the new CSR but it is still showing cerificate issued from the 10.0.0.5 and I cannot clear it.

it is driving me crazy. I went through the MMC for the installed certificate on the guest OS and did not see it there..... have you seen this before.

what is driving me nut is how it picked up the IP of the host OS and not the guest and why it is not clearing out when I clear the SSL completely from teh website setting, it still listens on port 443
0
onlinerack
Asked:
onlinerack
1 Solution
 
meverestCommented:
Hello,

that seems more like a dns issue than anything else.  What does your FQDN really resolve to?  Maybe if you ping your FQDN, it will resolve to 10.0.0.5?

Also, what do you mean by trusted root - you got your cert from a trusted authority (like verisign, thawte, etc) or you installed a SA root on one of the servers?  If the latter, which one, the host or the guest?

Cheers.
0
 
cj_1969Commented:
You might also be having a problem with how your netowkring is configured in VMWare.
Unless you are using a straight bridged network configuration then the virtual client will appear on the network as the host address, despite being assigned its own IP.
I don't know why it would resolve externally so that you can connect to it ... unless you are testing from either on the client or VMware server machine itself, in which case, each of them would know about the local IP of the virtual machine.

So, chekc to make sure your network connection is bridged ... otherwise you ARE the IP of the server to all other machines on the network and if the request for the SSL certificate goes out and comes back to itself by the name of the machine then it is quite possible that it is resolving the the IP of the server.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now