DNS / SSL Error

On a winfows 2012 member server we are running IIS 8 for one application only. I have setup my SSL for the site and if I type in https://x.x.x.x/Appname i get the usual warning about SSL not matching but it all works. In IIS bindings under ssl i added the domain name to match the ssl cert. Then if I try it i get a 404 error. If I try to use https://domainname/appname I get page not found. I do have the DNS which is hosted by aplus.net point the www only to the ip address of this server. What am I missing here? I need to be careful on the aplus.net side as this domain is used only for it's ftp services and I do not wish to mess that up.  We will not be using port 80 at all so on the firewall I only have 443 pointing to the server and as i said https://x.x.x.x/Appname works. I hope i've explained this correctly. Any thoughts anyone?
jsgouldAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Seth SimmonsSr. Systems AdministratorCommented:
so, your certificate is for server.domain.com and you are going to https://server.domain.com ?
0
jsgouldAuthor Commented:
cert is for www.domain.com and i'm trying to go to https://www.domain.com/APPNAME. I'm not using a subdomain. created the cert request from IIS8. IIS8 has added the binding to it. It's set in IIS8. Hopefully i answered that correctly.
0
David Johnson, CD, MVPOwnerCommented:
you need to add an A record like your WWW record that points to the same location with the name "@"  which should expand to your domain name. don't forget to add a nat rule to your router to direct all port 443 traffic to the internal ip of the computer hosting the website.

personally I'd not use the default website but create a new website with the binding appname.domainname.com, enable ssl and select the correct certificate.. what are the subject alternative names available to you in your certificate.. if a wildcard cert i.e. *.domainname.tld then you will be good to go.. if you only have domainname.tld then you are stuck with using a subdirectory of the default website.. if there is nothing in the default website you should add a 301 redirect to go to /appname
0
ON-DEMAND: 10 Easy Ways to Lose a Password

Learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees in this on-demand webinar. We cover the importance of multi-factor authentication and how these solutions can better protect your business!

jsgouldAuthor Commented:
ok. i have the www a record pointing to that address but nothing else because i want to make sure ftp.domainname.com still functions off the webhosting account as it is in use. other then that the domain is only there is for ftp use. that's why we thought we could utilize the www.domainname.com. let me double check all dns settings. do i need to add the name www.domainname.com into the IIS bindings section. as of right now i have nothing there for 80 or 443. and 443 already is pointing. if i go by straight ip address https://1.1.1.1/Appname it works once you go past the certificate warning in the web browser. i'll double check those dns settings
0
Dave HoweSoftware and Hardware EngineerCommented:
normally, I would suggest doing "nslookup www.domainname.com" on a command prompt, and see what it comes back with. presumably if the above isn't working, the IP will get back will be wrong.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jsgouldAuthor Commented:
so nslookup was showing me the causing the issue. i didn't realize DNS changes where being made to a utility domain name and not the website domain name. So far still not working though. made the correct changes. nslookup is reporting the correct ip address now. May need DNS to make it's way around some more not sure. https://ipaddress/appname still does work however
0
jsgouldAuthor Commented:
Great work guys. Thank you!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft IIS Web Server

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.