Solved

How to get Default Website in IIS to work again after creating new ssl in SBS 2008 via Exchange Management Console?

Posted on 2014-09-20
9
700 Views
Last Modified: 2014-09-25
I have just tried to re-key my SSL certificate for my server and when using the Wizard to do so in SBS 2008 it failed as I did not remove the old one prior I believe.  I called the certificate provider and they said it is not a big deal and to simply Use the Exchange Management Shell to create and import a new certificate.  The SSL provider revoked the old one and created a new one for Exchange 2007 which was created and applied through the Exchange Management Console.  Outlook Web Access works well and the correct SSL certificate shows up.  This Server also runs another website which has now stopped working.  Normally when I go to http:\\ipaddress it would come up with the default IIS screen  and now it comes up with "The webpage cannot be found".  After further investigating found that the default website was not started via IIS.  When attempting to start it received an error "This Web site cannot be started.  Another website may be using the same port"  Found that HTTPS was duplicated in the default website as well as SBS Web Applications.  Removed the duplicate entry from Default Website and now when going to http:\\ipaddress it starts but now I get an error which is "403 - Forbidden: Access is denied."  If I go to https:\\ipaddress  I get a certificate error with the option to continue anyway.  If I continue I get HTTP Error 403.14 - Forbidden, The Web server is configured to not list the contents of this directory.  If I click on the Certificate error I see Mismatched Address,The security certificate presented by this website was issued for a different website address.  All was working beautiful before this SSL was added using Exchange Management Shell instead of the SBS Wizard.  What else may need to be done to get http:\\ipaddress to point us to the IIS welcome page again?
0
Comment
Question by:Lounger-Master
  • 6
  • 2
9 Comments
 
LVL 28

Expert Comment

by:becraig
ID: 40334733
Can you post a snapshot of your iis manager screen ?

Winkey + r  
inetmgr
expand computer then sites and do a print screen, I have an idea what might need to be done but it is just easier to know exactly what you are working with.
0
 

Author Comment

by:Lounger-Master
ID: 40334740
Capture.JPG
Here it is!  Thank You
0
 
LVL 78

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 250 total points
ID: 40334752
in the default website go to bindings and remove all but http port 80, you can add https 443 and then select your certificate (the one for the default website or use a self signed one if just used locally0
0
 

Author Comment

by:Lounger-Master
ID: 40334760
Thank You, I have done so and now using http:\\serverip address still results in 403 - Forbidden: Access is denied. and using https:\\serverip address brings up the IIS website but it does give a certificate error as in the original question that says mismatched address.  Any other thoughts?
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 40334779
http:\\ server ip address will always return an ssl error unless you created the certificate request with the ip address in the subject name field.. https:\\servername will also give an error about the certificate not being from a trusted certificate authority.  You might want to look at the certificate and investigate further.

could you include a clearer image again?
0
 

Accepted Solution

by:
Lounger-Master earned 0 total points
ID: 40334785
I have tried a few more things and this may really clear things up.  The actual site I am trying to get to work is: http://mywebsitedomain/MaximizerWebAccess.  If I remove https from bindings under sbs web applications and add https under default website then I can access http://mywebsitedomain/MaximizerWebAccess but only via https but not http.  With this configuration when I try to access OWA it only points me to the IIS welcome screen instead of Outlook Web Access .  If I put the https binding back under sbs web applications and remove it from default website then my outlook web access works again but the site I am trying to use which is http://mywebsitedomain/MaximizerWebAccess gives me an error 404 - File or directory not found. no matter if I try to access it via http or https.  The Site is designed to run as http://mywebsitedomain/MaximizerWebAccess without ssl  

All SSL mismatch errors have disappeared completely :)
0
 

Author Comment

by:Lounger-Master
ID: 40334819
More information to further pinpoint the issue.  In IIS under default website if I go to Manage Website and choose browse it takes me to http://localhost/ with a message that says: Internet Explorer cannot display the webpage.  If I go to http:\\serverip directly on the server I get the attached screen shot. Capture.JPG
Is this the real issue perhaps?
0
 

Author Comment

by:Lounger-Master
ID: 40334829
I fixed it.  What had happened somehow was that SSL site binding for the Default Web site was enabled. The SSL settings for the website  showed that the "Require SSL" box is checked and after removing it all went back to normal.  Thank You everyone for you help.
0
 

Author Closing Comment

by:Lounger-Master
ID: 40343523
The reason I chose my own answer is because that is what eventually fixed the final issue.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now