IIS7 not responding to HTTPS and/or OWA.

I have a 2008 server with Exchange 2007.  I had the usual problem where it would work fine on the inside of the net, but not from outside.  Found out about SAN certificates, got one, installed it.  Now in the process of this I may have changed a few things... but the upshot is that while everything works fine for HTTP requests,local or remote, HTTPS appears to be ignored completely.
It comes back instantly with : Internet Explorer cannot display the webpage.

Even having removed the SAN cert, it still wont respond to HTTPS requests?
P.
petesulliAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Brad HoweDevOps ManagerCommented:
Hi,

by SAN I assume you mean SSL.

1. Take a look at this url - http://learn.iis.net/page.aspx/144/how-to-setup-ssl-on-iis-7/
2. Browse down to "IIS Manager".
3. Apply you certificate as shown.
4. Setup your BIND.
5. Try to browse.

If this doesn't load, then you may have a wrong SSL certification configuration. From there we can diagnose further.

Let us know,
Cheers,
Hades666
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
petesulliAuthor Commented:
Hi Hades,

Thanks for the bind tip, that worked a treat, BUT....
There is always a 'but' isn't there?  My cert works fine from out side the network using https://serv.external.com/owa , but doesn't work from inside using https://int.dom.local.

I had taken advice that a 'SAN' certificate would work in this enviroment, this is the cert I have, edited to protect the innocent:
Version : V3
Serial Number : snip
Sig algo : sha1RSA
Sig hash : sha1
Issuer : Equifax etc
Valid From :
Valid to :
Subject :  serv.external.com
<snip>
Subject Alternative Name : DNS Name=int.dom.local
                                           DNS Name=serv.external.com
<snip>
Key Usage: Digital Signature, Non-Repudiation, Key Encipherment, Data Encipherment (f0)
<snip>
Friendly name : serv.external.com

Any ideas?
P.
0
Brad HoweDevOps ManagerCommented:
Hi,

Yes a SSL with SAN will be fine. It just means that you won't receive ssl errors if you browse via int.dom.local or serv.external.com.

In this case, it sounds like a possible host header issue.

Configure Host Header

1.Open IIS Manager.
2.In the Connections pane, expand the Sites node in the tree, and then select the site for which you want to configure a host header.
3.In the Actions pane, click Bindings.
4.In the Site Bindings dialog box, select the binding for which you want to add a host header and then click Edit or click Add to add a new binding with a host header.
5.In the Host name box, type a host header for the site, such as int.dom.local.
6.Click OK.
7.To add an additional host header, create a new binding with the same IP address and port, and the new host header. Repeat for each host header that you want to use this IP address and port.

Cheers,
Hades666
0
petesulliAuthor Commented:
Hades, brilliant....

It wasnt a host header, looks like you can only do that for http, ssl? (curious to know out of academic interest.

As it turns out, being midnight here, i wasnt typing in the fqdn for the internal side, only hostname/owa, silly error, but as i say.. its late!

Thanks for your help.

As Iron Maiden sang : 666 the one for you and me!

G'night :)

P.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft IIS Web Server

From novice to tech pro — start learning today.