Solved

SBS 2008 SSL/Port issue

Posted on 2013-05-23
5
376 Views
Last Modified: 2013-06-03
I have an SBS 2008 server set up.  It has a GoDaddy SSL cert that has no issues.

Each time the server reboots, the default Web Site binds to port 443, the SBS web applications then fails to start as there is a conflict for port 443.

I have edited the .config file previously to keep it from recurring but that now does not stop the issue, I must be missing a step, missing a file or doing it in the incorrect order.  After each reboot the configuration resets.

Also, I have to re-enable the certificate in the exchange shell after starting the service (at least that was one of my troubleshooting steps, it may no longer be necessary.
0
Comment
Question by:SoloComput
  • 3
  • 2
5 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
The mistake you made was to use Exhcange to enable the certificate.
SBS makes a ton of changes to the IIS configuration, which affects Exchange as well.

In Exchange, disable the SSL certificate you have.
Then in the SBS management console, run the SSL wizard, choosing to use an existing certificate. Select your GoDaddy certificate and SBS will do the rest.

I cover this exact scenario on my web site: http://semb.ee/2007ssl

Simon.
0
 

Author Comment

by:SoloComput
Comment Utility
@Sembee2, that may be so but it does not resolve the primary issue which is that after each reboot, the default website automatically takes port 443
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
That is because you enabled the certificate using the Exchange tools instead of the SBS tools. You have to undo that. If you setup the server using the wizards, which is how it is designed to be done, then everything works correctly.

Simon.
0
 

Accepted Solution

by:
SoloComput earned 0 total points
Comment Utility
Thanks Simon but that is not the issue, nor the solution.  Using Exchange PS to enable the certificate is not the problem, it is the standard way of working with exchange certificates.  The issue of the default website binding to 443 with the self signed or third party certificate is widely found and the only seeming solution is to monitor and delete the config.xml files for IIS occasionally because updates to IIS will cause the problem to happen again once it starts to happen.
0
 

Author Closing Comment

by:SoloComput
Comment Utility
After searching google and applying multiple fixes this is the only one.  The proposed answer by Simon ignored the key issue which was that the SSL was being issued to the incorrect site due to IIS configuration issues.  As well the documented methods of applying the certificate using the Exchange shell is the standard accepted by microsoft.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now