How to get Default Website in IIS to work again after creating new ssl in SBS 2008 via Exchange Management Console?

Posted on 2014-09-20
Medium Priority
Last Modified: 2014-09-25
I have just tried to re-key my SSL certificate for my server and when using the Wizard to do so in SBS 2008 it failed as I did not remove the old one prior I believe.  I called the certificate provider and they said it is not a big deal and to simply Use the Exchange Management Shell to create and import a new certificate.  The SSL provider revoked the old one and created a new one for Exchange 2007 which was created and applied through the Exchange Management Console.  Outlook Web Access works well and the correct SSL certificate shows up.  This Server also runs another website which has now stopped working.  Normally when I go to http:\\ipaddress it would come up with the default IIS screen  and now it comes up with "The webpage cannot be found".  After further investigating found that the default website was not started via IIS.  When attempting to start it received an error "This Web site cannot be started.  Another website may be using the same port"  Found that HTTPS was duplicated in the default website as well as SBS Web Applications.  Removed the duplicate entry from Default Website and now when going to http:\\ipaddress it starts but now I get an error which is "403 - Forbidden: Access is denied."  If I go to https:\\ipaddress  I get a certificate error with the option to continue anyway.  If I continue I get HTTP Error 403.14 - Forbidden, The Web server is configured to not list the contents of this directory.  If I click on the Certificate error I see Mismatched Address,The security certificate presented by this website was issued for a different website address.  All was working beautiful before this SSL was added using Exchange Management Shell instead of the SBS Wizard.  What else may need to be done to get http:\\ipaddress to point us to the IIS welcome page again?
Question by:Lounger-Master
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 2
LVL 29

Expert Comment

ID: 40334733
Can you post a snapshot of your iis manager screen ?

Winkey + r  
expand computer then sites and do a print screen, I have an idea what might need to be done but it is just easier to know exactly what you are working with.

Author Comment

ID: 40334740
Here it is!  Thank You
LVL 82

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 1000 total points
ID: 40334752
in the default website go to bindings and remove all but http port 80, you can add https 443 and then select your certificate (the one for the default website or use a self signed one if just used locally0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more


Author Comment

ID: 40334760
Thank You, I have done so and now using http:\\serverip address still results in 403 - Forbidden: Access is denied. and using https:\\serverip address brings up the IIS website but it does give a certificate error as in the original question that says mismatched address.  Any other thoughts?
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 40334779
http:\\ server ip address will always return an ssl error unless you created the certificate request with the ip address in the subject name field.. https:\\servername will also give an error about the certificate not being from a trusted certificate authority.  You might want to look at the certificate and investigate further.

could you include a clearer image again?

Accepted Solution

Lounger-Master earned 0 total points
ID: 40334785
I have tried a few more things and this may really clear things up.  The actual site I am trying to get to work is: http://mywebsitedomain/MaximizerWebAccess.  If I remove https from bindings under sbs web applications and add https under default website then I can access http://mywebsitedomain/MaximizerWebAccess but only via https but not http.  With this configuration when I try to access OWA it only points me to the IIS welcome screen instead of Outlook Web Access .  If I put the https binding back under sbs web applications and remove it from default website then my outlook web access works again but the site I am trying to use which is http://mywebsitedomain/MaximizerWebAccess gives me an error 404 - File or directory not found. no matter if I try to access it via http or https.  The Site is designed to run as http://mywebsitedomain/MaximizerWebAccess without ssl  

All SSL mismatch errors have disappeared completely :)

Author Comment

ID: 40334819
More information to further pinpoint the issue.  In IIS under default website if I go to Manage Website and choose browse it takes me to http://localhost/ with a message that says: Internet Explorer cannot display the webpage.  If I go to http:\\serverip directly on the server I get the attached screen shot. Capture.JPG
Is this the real issue perhaps?

Author Comment

ID: 40334829
I fixed it.  What had happened somehow was that SSL site binding for the Default Web site was enabled. The SSL settings for the website  showed that the "Require SSL" box is checked and after removing it all went back to normal.  Thank You everyone for you help.

Author Closing Comment

ID: 40343523
The reason I chose my own answer is because that is what eventually fixed the final issue.

Featured Post

Get MySQL database support online, now!

At Percona’s web store you can order your MySQL database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question