How to diagnose https connection not working

Posted on 2011-03-08
Medium Priority
Last Modified: 2012-05-11
I successfully setup a test system using a ssl certificate / https website for the first time and now rolling out to a 'production' machine. I've installed a new certificate and setup pc (xp pro / iis5.1 - don't judge!) in the same way as my test machine as far as I can tell but when I try to access a page using https I get browser error 118 (operation timed out).
Can someone please help me diagnose the problem - here's my 2c worth so far..:
1. Site works fine on http (which I need to leave in place)
2. Checked port 443 is open on main router (shared offices so IT dept have confirmed this)
3. Disabled pc security software firewall (ESET)
Current website settings as shown in attached image.

Question by:nigelr99
  • 3
  • 3
LVL 30

Accepted Solution

Brad Howe earned 1000 total points
ID: 35068839
If it is all good, install SSL diag and give it a test. After is searches, scroll to your site and verify certificate chain and root is installed.
Run, SSL Diagnostics to troubleshoot.

1. Firewall. you could test this by using telnet to port 443.  If it is open, it will connect and go black.
    eg: telnet your.domain.com 443

2. Does it browse locally?

3. SSL Diagnostics


Let us know,

Author Comment

ID: 35070307

In response:
1. I disabled local firewall but telnet could still not connect. I had IT dept to re-check 443 port forwarding which they did.
2. I cannot connect locally using https://locahost
3. Ran ssldiag and had handshake error as shown in attached image.
Looked for some more information on the error number but struggling to find a way forward. Any ideas appreciated.

LVL 30

Expert Comment

by:Brad Howe
ID: 35070350
If you cannot connect even locally then it is not a firewall issue.

If you open up IIS Manager and review the directory Security for the certificate, is the entire chain present?

WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

LVL 30

Expert Comment

by:Brad Howe
ID: 35070450
you may also what to verify the permissions on the machinekey folder.

Default permissions for the MachineKeys folders


as simple a reboot...


Author Comment

ID: 35073488
Ok, Certificate chain looks fine (see image) - I even tried removing / re-importing certificate.
Permissions on MachineKeys folder look OK.
Rebooted and still no joy. I'm sure I'm missing something simple here. IT dept is swapping router overnight but if I can't connect locally then there's not much point in that!
Any more ideas please?


Author Comment

ID: 35087250
It turns out the 'IT dept' router uses https for remote management which has now been disabled and after re-installing certificate (out of desperation if nothing else) and then stopping and re-starting w3svc service it magically works!
Thanks for you help with diagnostics hades666 - I will award you the points. Cheers!

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

A few customers have recently asked my thoughts on Password Managers.  As Security is a big part of our industry I was initially very hesitant and sceptical about giving a program all of my secret passwords.  But as I was getting asked about them mo…
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
Free Data Recovery software is an advanced solution from Kernel Tools to recover data and files such as documents, emails, database, media and pictures, etc. It supports recovery from physical & logical drive after a hard disk crash, accidental/inte…
Watch the video to know the simple way to remove or recover or reset lost or forgotten passwords of Outlook PST file. With Kernel Outlook Password Recovery tool such operation is very easy to perform. It is a freeware with limitation to use with 500…

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question