Solved

how to make a website https available

Posted on 2009-07-14
15
820 Views
Last Modified: 2012-05-07
I am running spiceworks 4.03 in IIS 6.  It's running on port 80, and I've created an internal DNS entry where if "helpdesk" is typed in the browser address, it goes straight there.
I know I need to create an external DNS entry, but besides that, How do I make this website accessible via HTTPS, as I want anyone outside my organization to be able to access it?
I added port 443 in IIS, but it's still not working.
Any thoughts would be awesome!
0
Comment
Question by:afacts
  • 9
  • 6
15 Comments
 
LVL 19

Expert Comment

by:Jones911
ID: 24853244
Did you port forward port 443?
0
 

Author Comment

by:afacts
ID: 24853256
Not sure, how do I port forward 443?  What and where do I do that?
0
 
LVL 19

Expert Comment

by:Jones911
ID: 24853352
On your router/modem.
0
 

Author Comment

by:afacts
ID: 24853362
oh, yea, I'll set that up shortly, but first I need to get it to work internally first, right?
Right now, I need it to work from my own PC, then after it works internally, I'll setup my firewall correctly to point to it.  I guess I'm asking what do I need to do to IIS to make it work internally first?
0
 
LVL 19

Expert Comment

by:Jones911
ID: 24853366
Right.  Did you purchase a SSl certificate?
0
 

Author Comment

by:afacts
ID: 24853400
not yet, I am going to, do I have to have the certificate for it to work, or if I don't install the cert, I guess it won't work?
0
 
LVL 19

Expert Comment

by:Jones911
ID: 24853416
You have to have a cirtificate for it to work.  You can self sign it but it will always pop up for the clients tryign to log in.

Take a look at this article its quite clear on the steps and should help:  http://www.zdnetasia.com/techguide/storage/0,39045058,62036934,00.htm
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 

Author Comment

by:afacts
ID: 24853452
thanks, that's good, but how do I install a self signed certificate, so I can test to see if it even works internally, as spiceworks says that they don't support SSL, so I don't want to spend money in buying a certificate if my software doesn't work with it.
0
 
LVL 19

Expert Comment

by:Jones911
ID: 24853550
0
 

Author Comment

by:afacts
ID: 24853565
thanks, I'll get back to you
0
 

Author Comment

by:afacts
ID: 24854582
ok, cool, I installed the selfssl and now it asks me to confirm the certificate and it goes to the helpdesk age, so that's cool.  I guess my next steps are, 1. get a real certificate, and 2.configure my firewall to allow the traffic to it, and 3. setup external DNS, right?  Any other steps you can think of?
what would the certificate be, I'm assuming it would be like helpdesk.amazingfacts.org
0
 
LVL 19

Assisted Solution

by:Jones911
Jones911 earned 250 total points
ID: 24855898
Yep all sounds right.  If you want to call the site:  helpdesk.amazingfacts.org that will eb fine.  Remember unless you get a wildcard ssl cirt you can only have 1 ssl site per IP address.
0
 

Author Comment

by:afacts
ID: 24856379
doesn't my SSL need to be specifically helpdesk.amazingfacts.org?
how does a wildcard SSL work?
0
 

Author Comment

by:afacts
ID: 24873404
well, I did everything and it's still not working.  Here's what I did and sitll nothing.
1.      Created the internal dns
2.      Created the external dns
3.      Purchased an SSL certificate and installed it on my IIS spiceworks website
4.      Configured my firewall with an external IP address to point to my spiceworks server

I tried to access it via https and http, but both don't work.  I get the following error message:

You are not authorized to view this page
You do not have permission to view this directory or page due to the access control list (ACL) that is configured for this resource on the Web server.
--------------------------------------------------------------------------------

Please try the following:

Contact the Web site administrator if you believe you should be able to view this directory or page.
Click the Refresh button to try again with different credentials.
HTTP Error 401.3 - Unauthorized: Access is denied due to an ACL set on the requested resource.
Internet Information Services (IIS)

--------------------------------------------------------------------------------

Technical Information (for support personnel)

Go to Microsoft Product Support Services and perform a title search for the words HTTP and 401.
Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled About Security, Access Control, and About Custom Error Messages.
0
 

Accepted Solution

by:
afacts earned 0 total points
ID: 24975275
I got it to work, the default.aspx file in IIS was poiting to my local server instead of helpdesk.amazingfacts.org
After I fixed that, it's working just fine externally.  So where's what I did.
1. created the internal and external DNS records
2. configured the firwall to allow access to it
3. setup IIS (iis and spiceworks can't be on the same port)

And it's working fine.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now