HTTPS - Connection Timed Out

freezingHot
freezingHot used Ask the Experts™
on
i have a virtual machine within Azure which serves up a web site.

when i navigate to http://api.website.com it works fine.  i purchased a SSL certificate and it imported into IIS.  i edited the bindings for the cert using the default port of 443.  i added the site's name api.website.com to the bindings.  

when i navigate to https://api.website.com i get a "The connection has timed out" error.

the firewall rules allow 443 (default rule).

what else can i check and/or modify within IIS or the OS?  any help is appreciated.

thanks.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
on the server, execute
 netstat -na | findstr 443
is there such line as
 TCP    0.0.0.0:443            0.0.0.0:0              LISTENING

on the client, try to execute
telnet api.website.com 443
does the server respond?
Top Expert 2014

Commented:
Surely api.website.com is who you bought the virtual host from rather than your own host's DNS name?

Author

Commented:
yes, this one of the responses:

 TCP    0.0.0.0:443            0.0.0.0:0              LISTENING

telnet api.website.com 443 - could not open connection to the host
Introduction to R

R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.

Author

Commented:
i own api.website.com and have it being forwarded to the virtual machine.
if you do
telnet api.website.com 443
from the server itself, does it connect?

Author

Commented:
same thing on the local server - can't open connection.
api.website.com may not be resolved (does it?) to the local IP address. Try instead
telnet localhost 443

Author

Commented:
yes, telnet localhost 443 appears to connect.

the server using nslookup does resolve api.website.com to the proper public IP address.
Does the public IP address actually equal the inner interface IP address?
If not, try to add a line like the following to the file C:\Windows\System32\drivers\etc\hosts
< local interface IP address> api.website.com

How many sites on this server?
If there only one, try to remove the "Host name" from the binding.
Then you should be able to test is the site acceptable by https://localhost

Author

Commented:
i added the line into the hosts file.  when i did, i was able to telnet api.website.com 443 on the local server.

i removed api.website.com from the bindings as it is the only website being served; however, neither fixed connecting from the outside world.

when i telnet api.website.com 443 on an outside machine, i still get the connection error.

the local server presents the default home page when i navigate to https://api.website.com, but i can't do it from the outside world.
Looks like a firewall issue. Can you temporary turn the firewall off and try connect from the outside again?

Author

Commented:
same thing with the firewall off - turned off both private and public
Do you have a firewall in the Azure virtual network?

Author

Commented:
Azure firewall didn't have 443 enabled.  thank you very much for your time!
You are welcome!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial