Solved

How to get Default Website in IIS to work again after creating new ssl in SBS 2008 via Exchange Management Console?

Posted on 2014-09-20
9
707 Views
Last Modified: 2014-09-25
I have just tried to re-key my SSL certificate for my server and when using the Wizard to do so in SBS 2008 it failed as I did not remove the old one prior I believe.  I called the certificate provider and they said it is not a big deal and to simply Use the Exchange Management Shell to create and import a new certificate.  The SSL provider revoked the old one and created a new one for Exchange 2007 which was created and applied through the Exchange Management Console.  Outlook Web Access works well and the correct SSL certificate shows up.  This Server also runs another website which has now stopped working.  Normally when I go to http:\\ipaddress it would come up with the default IIS screen  and now it comes up with "The webpage cannot be found".  After further investigating found that the default website was not started via IIS.  When attempting to start it received an error "This Web site cannot be started.  Another website may be using the same port"  Found that HTTPS was duplicated in the default website as well as SBS Web Applications.  Removed the duplicate entry from Default Website and now when going to http:\\ipaddress it starts but now I get an error which is "403 - Forbidden: Access is denied."  If I go to https:\\ipaddress  I get a certificate error with the option to continue anyway.  If I continue I get HTTP Error 403.14 - Forbidden, The Web server is configured to not list the contents of this directory.  If I click on the Certificate error I see Mismatched Address,The security certificate presented by this website was issued for a different website address.  All was working beautiful before this SSL was added using Exchange Management Shell instead of the SBS Wizard.  What else may need to be done to get http:\\ipaddress to point us to the IIS welcome page again?
0
Comment
Question by:Lounger-Master
  • 6
  • 2
9 Comments
 
LVL 29

Expert Comment

by:becraig
ID: 40334733
Can you post a snapshot of your iis manager screen ?

Winkey + r  
inetmgr
expand computer then sites and do a print screen, I have an idea what might need to be done but it is just easier to know exactly what you are working with.
0
 

Author Comment

by:Lounger-Master
ID: 40334740
Capture.JPG
Here it is!  Thank You
0
 
LVL 78

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 250 total points
ID: 40334752
in the default website go to bindings and remove all but http port 80, you can add https 443 and then select your certificate (the one for the default website or use a self signed one if just used locally0
0
 

Author Comment

by:Lounger-Master
ID: 40334760
Thank You, I have done so and now using http:\\serverip address still results in 403 - Forbidden: Access is denied. and using https:\\serverip address brings up the IIS website but it does give a certificate error as in the original question that says mismatched address.  Any other thoughts?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 40334779
http:\\ server ip address will always return an ssl error unless you created the certificate request with the ip address in the subject name field.. https:\\servername will also give an error about the certificate not being from a trusted certificate authority.  You might want to look at the certificate and investigate further.

could you include a clearer image again?
0
 

Accepted Solution

by:
Lounger-Master earned 0 total points
ID: 40334785
I have tried a few more things and this may really clear things up.  The actual site I am trying to get to work is: http://mywebsitedomain/MaximizerWebAccess.  If I remove https from bindings under sbs web applications and add https under default website then I can access http://mywebsitedomain/MaximizerWebAccess but only via https but not http.  With this configuration when I try to access OWA it only points me to the IIS welcome screen instead of Outlook Web Access .  If I put the https binding back under sbs web applications and remove it from default website then my outlook web access works again but the site I am trying to use which is http://mywebsitedomain/MaximizerWebAccess gives me an error 404 - File or directory not found. no matter if I try to access it via http or https.  The Site is designed to run as http://mywebsitedomain/MaximizerWebAccess without ssl  

All SSL mismatch errors have disappeared completely :)
0
 

Author Comment

by:Lounger-Master
ID: 40334819
More information to further pinpoint the issue.  In IIS under default website if I go to Manage Website and choose browse it takes me to http://localhost/ with a message that says: Internet Explorer cannot display the webpage.  If I go to http:\\serverip directly on the server I get the attached screen shot. Capture.JPG
Is this the real issue perhaps?
0
 

Author Comment

by:Lounger-Master
ID: 40334829
I fixed it.  What had happened somehow was that SSL site binding for the Default Web site was enabled. The SSL settings for the website  showed that the "Require SSL" box is checked and after removing it all went back to normal.  Thank You everyone for you help.
0
 

Author Closing Comment

by:Lounger-Master
ID: 40343523
The reason I chose my own answer is because that is what eventually fixed the final issue.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
This video discusses moving either the default database or any database to a new volume.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now