External SSL problems on SBS 2008 (RWW, OWA etc)

I am having a problem with a customers SBS 2008 server.
Suddenly Thursday the SSL on external websites stopped working (seems to be timing out getting certificate).
They where using an self authorised certificate but as part of trying to fix I have installed a valid 3 party certificate.
SSL accress to Companyweb on port 987 is working ok, and ssl access to OWA etc is working fine internally

Spent hours on this so far and tried a lot of things. Anyone got some ideas?
dolphinitukAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David AtkinTechnical DirectorCommented:
Hello,

How did you install the certificate?  Did you use the Add a Trusted Certificate wizard in the SBS Console?

Try running the Fix My Network Wizard in the SBS Console.  This will detect certificate errors and will re-apply the certificate to IIS etc - This should work if you have used the previously mentioned Add a Trusted Certificate wizard.
0
dolphinitukAuthor Commented:
Hi.

Yes certificate was installed by the Add trusted certificate wizard.

I have run the fix my network wizard a few times and also the SBS BPA.

Also tried going back to the self issued, then reinstall the trusted (tested with both and same problem)

Its a Comodo certificate by the way

Have checked the right certificate is being used in bindings in IIS
0
dolphinitukAuthor Commented:
May have found something strange.
Stopped the World Wide Web Publishing service and checked port 443 at canyouseeme.org and it says that is can still see port open. That shouldn't happen should it

edit - just blocked port 443 on the server firewall and still got a response. I now think something has changed on the router (a Draytek that I don't manage unfortunately)
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

David AtkinTechnical DirectorCommented:
If its a Draytek then check the SSL VPN options.  The default port is 443 for the SSL VPN - Its irritated me many times...
0
dolphinitukAuthor Commented:
Thanks. Just waiting to hear back from the person who controls the router.
He said nothing had been changed yesterday but think Ive proved him wrong (even got a response on port 443 when the server was rebooting
0
David AtkinTechnical DirectorCommented:
Ok, in the mean time run a 'netstat -a -n -o' via cmd and check to see if anything else is using port 443 on the server
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
dolphinitukAuthor Commented:
Got into router in the end. Somehow the internal VPN's had been enabled. Turned off and all working now. Thanks for pointers
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SBS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.