Solved

SBS 2008 SSL/Port issue

Posted on 2013-05-23
5
380 Views
Last Modified: 2013-06-03
I have an SBS 2008 server set up.  It has a GoDaddy SSL cert that has no issues.

Each time the server reboots, the default Web Site binds to port 443, the SBS web applications then fails to start as there is a conflict for port 443.

I have edited the .config file previously to keep it from recurring but that now does not stop the issue, I must be missing a step, missing a file or doing it in the incorrect order.  After each reboot the configuration resets.

Also, I have to re-enable the certificate in the exchange shell after starting the service (at least that was one of my troubleshooting steps, it may no longer be necessary.
0
Comment
Question by:SoloComput
  • 3
  • 2
5 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39192496
The mistake you made was to use Exhcange to enable the certificate.
SBS makes a ton of changes to the IIS configuration, which affects Exchange as well.

In Exchange, disable the SSL certificate you have.
Then in the SBS management console, run the SSL wizard, choosing to use an existing certificate. Select your GoDaddy certificate and SBS will do the rest.

I cover this exact scenario on my web site: http://semb.ee/2007ssl

Simon.
0
 

Author Comment

by:SoloComput
ID: 39193008
@Sembee2, that may be so but it does not resolve the primary issue which is that after each reboot, the default website automatically takes port 443
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39194328
That is because you enabled the certificate using the Exchange tools instead of the SBS tools. You have to undo that. If you setup the server using the wizards, which is how it is designed to be done, then everything works correctly.

Simon.
0
 

Accepted Solution

by:
SoloComput earned 0 total points
ID: 39205790
Thanks Simon but that is not the issue, nor the solution.  Using Exchange PS to enable the certificate is not the problem, it is the standard way of working with exchange certificates.  The issue of the default website binding to 443 with the self signed or third party certificate is widely found and the only seeming solution is to monitor and delete the config.xml files for IIS occasionally because updates to IIS will cause the problem to happen again once it starts to happen.
0
 

Author Closing Comment

by:SoloComput
ID: 39215650
After searching google and applying multiple fixes this is the only one.  The proposed answer by Simon ignored the key issue which was that the SSL was being issued to the incorrect site due to IIS configuration issues.  As well the documented methods of applying the certificate using the Exchange shell is the standard accepted by microsoft.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now