We help IT Professionals succeed at work.

Urgent: Cannot access companyweb externally after installing ssl certificate on companyweb site on sbs 2003 in wss 2.0

Hello to all,

I installed a SSL cert from Godaddy on a SBS 2003 server to the default web site. RWW and OWA work fine. Before I did this we had created a site in WSS 2.0 for file collaboration and it worked as well. The client wanted to have it working with out getting the certificate error for accessing the WSS3 2.0 site that we created for file collaboration. So I got another SSL and made an a record for it titled intranet.xxx.com. After installing the SSL on the companyweb site, you could not access the companyweb at all. I removed the ssl and re-installed the self signed ssl cert on the companyweb site. Now you can access it internally but when trying to access it externally you now get a "page cannot be displayed error. I really need to get this fixed back to how it was before with the certificate error. I'm a bit stumped on this any help will be greatly appreciated.

Thanks,

Kelvin
Comment
Watch Question

Author

Commented:
Additional information:

When it was working it was using mail.xxx.com and wanted it changed to intranet.xxx.com using the SSL cert, but would just like it working again,
Paul MacDonaldDirector, Information Systems
CERTIFIED EXPERT

Commented:
So is the SSL certificate for xxx.com or is it machine specific (intranet.xxx.com)?  Is "intranet.xxx.com" a valid URL from outside your company?

Author

Commented:
I created an "A" record for intranet.xxx.com and then created an SSL for the url intranet.xxx.com. The other SSL that is working just fine was created for mail.xx.com and after installing it we were able to access the site by using mail.xxx.com:444/reports, but after installing the intranet.xxx.com SSL we could no longer access it at all, internally or externally. I then removed the instranet.xx.com ssl and installed the previous self-signed ssl cert mail.xx.com back on the companyweb folder in iis, now we can access it internally but cannot access it externally as we did before.
Paul MacDonaldDirector, Information Systems
CERTIFIED EXPERT

Commented:
Well you can't access intranet.xxx.com with a certificate for mail.xxx.com - you'll get a certificate error.  The reverse is true as well.

Correct me if I'm wrong, but the mail.xxx.com certificate is self-signed and the intranet.xxx.com certificate is a public (GoDaddy) certificate?  

I can't think of any reason why the public certificate wouldn't work.  Are you sure if's valid?  And it's been issued for the correct domain or machine?

Author

Commented:
I had 2 GoDaddy SSL certificates. one that I installed on the default web site, mail.xxx.com and then I had a second, intranet.xxx.com that I installed on the companyweb site in IIS. When I installed the inranet ssl I could not access the companyweb at all. The mail.xxx.com works fine for accessing RWW and OWA, and I can access the companyweb internally but now cannot access it over the internet as I was able to before but with a certificate error using mail.xxx.com:444/reports. After not being able to access it after installing the intranet ssl on the companyweb site I removed it and re-assigned a self-signed ssl for mail.xxx.com that was on it before and doing this I was able to access companyweb internally but not externally. I had installed the mail.xxx.com ssl the day before and you could still access the companyweb using mail.xxx.com:444/reports but would get the certificate error. I then purchased the intranet ssl from godaddy, created an A record for intranet.xxx.com on the DNS and then created and installed the intranet ssl, which then broke access. Removing the intranet ssl from companyweb and reassigning a previous self-signed mail.xxx.com ssl got internal access bak up and running but not external access. So basically I have a Godaddy ssl for mail.xxx.com installed on the default web site, which works and have a self-signed ssl for mail.xxx.com installed on the companyweb site which allows internal access but not external access as it did before.
I am considering of running the CEICW, then checking to see if I'm able to access it externally and internally again and the recreating the Godaddy SSL and installing it on the Default Web site as before and then test to see it internal and external access works and the leaving it alone. A couple of questions:

1 Do you think it will work???
2. Also do you think I will have to recreate the Godaddy SSL or could I just reassign it once its working??
Paul MacDonaldDirector, Information Systems
CERTIFIED EXPERT
Commented:
1) couldn't hurt to try
2) it shouldn't be necessary to recreate the certificate as long as the host name is correct.  I would verify that before putting it back in place.

Author

Commented:
OK...just got off the phone with Godaddy and thats where we are at, so am going to try it now and let you know.

Author

Commented:
OK...rerunning the CEICW worked!!! I did however have to go back and re-key the SSL, but the problem is solved!!!!

Author

Commented:
Thanks Paul for being a sounding board, it was greatly appreciated

Author

Commented:
This site as always...ROCKS!!

Explore More ContentExplore courses, solutions, and other research materials related to this topic.