• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 264
  • Last Modified:

Can't view my https ?

Hi Experts,
Having trouble viewing my site as https after cert install.

I can still view my site through port :80

Not sure if I have my bindings set correctly though? http has a host name and and IP address where as https does not. Should the https have the same IP as http? Further I only want the site to display in https.

Thank you
0
thenrich
Asked:
thenrich
  • 8
  • 7
1 Solution
 
Santosh GuptaCommented:
Hi,

in the given article see the "IIS Manager" secssion.

http://www.iis.net/learn/manage/configuring-security/how-to-set-up-ssl-on-iis
0
 
thenrichAuthor Commented:
Hi, Thank you for posting that artical but does little to help my situation. I can browse to my local on port :443 and the site comes up but not externally

I'm running IIS7 and Server 2008r2. Cert appears to installed and configured correctly in IIS. I can not see any other applications using port 443?
0
 
Santosh GuptaCommented:
you are unable to access the site using https from your LAN or internet ??
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
thenrichAuthor Commented:
Unable to access from internet

When I browse from IIS it works fine other then I get a warning saying local host and my site name do not match my cert
0
 
thenrichAuthor Commented:
Also when I go to the https it takes some time before the 'Page can't be displayed error'  pops up. In fact the the title tab indicates 'Waiting' so it must be trying?
0
 
Santosh GuptaCommented:
1. what is your site name i.e. abc.com and how you are externally accessing ?
2. try to access your site externally https://www.yoursite.com
3. try to access your site externally https://yoursite.com 
4. check your certificate and see what is domain name showing in certificate.
0
 
thenrichAuthor Commented:
My site is set up like:

https://companyws.domain.com

no www
0
 
Santosh GuptaCommented:
1. try to access https://domain.com/ and share error.
2. check if public DNS is configured properly.
3. Check if port 443 is opened by your router/firewall
4. check if port forwarding/NATing is configured on router/firewall.
0
 
thenrichAuthor Commented:
1) It takes me to a hosting provider. Not sure what you mean? My site is not a www - Please see above? My site is a sub domain within  main with it's own unique namespace. https://domain.com/  would be our main domain which isn't relevent here.
2) What does that mean? My server has a static public IP - confirmed and works with http. Do I need another static IP for https?
3) Yes inbound rule is there
4) No clue what your talking about there.
0
 
Santosh GuptaCommented:
What i assuming, you have your own webserver and managed by you in your LAN.

Let me explain here how web site works.

1. A user type the https://companyws.domain.com in address bar.
2.  the request goes to for DNS resolution (to your Domain provider).
3. DNS resolve it and redirect to your public IP i.e is your router/firewall public IP.
4. router see the request and based on the NAT rule, it change "your router IP" to your  local IP (webserver).


So here is my answer.

1.      i just want to make sure that atleast it goes to your DNS, but seems your web server is hosted.
2.       your hosting provider services provider must have shared he public IPs.
3.      its good.
4.      if it is host on cloud (hosting provider) or your LAN. In both case NATing is required. If its hosted then your hosting provider should configure or if its in you LAN then your should have to configure.


so finally, pls clear how your webserver configure, its hosted or in-premises (LAN)
0
 
thenrichAuthor Commented:
the webserver is on site configured in a DMZ
0
 
Santosh GuptaCommented:
Is your webserver configure like this ???
DMZ
0
 
thenrichAuthor Commented:
yes
0
 
thenrichAuthor Commented:
So I just used this tool:

http://www.yougetsignal.com/tools/open-ports/

port 80 open
port 443 closed
0
 
Santosh GuptaCommented:
ok thanks,

1. number 1 is in image is your ISP (to whom your have purchased the Domain name) - Check if host record is created for companyws and its pointing to your router (2) public IP.

2. . number 2 is in image is your Router-check if it is configured to 443 and 80 redirect the traffic (NAT) to your webserver (3).

3. . number 3 is in image is your webserver -check if windows firewall allows 443 and 80 traffic.

pls let me know if you have still any question.
0

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

  • 8
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now