Intranet Site coming up as unsecured
I have a server that is running an application that we access via a browser and a port number, https://FQDN: Port#, and it keeps coming up as unsecured even after updating the SSL certificate and binding it to the default site. I used IIS to generate the csr and used IIS to complete it. I added the intermediate and certificate to the certificate store using MMC.exe. I binded the certificate to https in the default site settings. It is a Goddady certificate and I down loaded the IIS version. What am I missing?
ASKER
The FQDN name matches the certificate.
It says not secure. When I click on more information It still shows the expired certificate as well as "This website does not supply ownership information."
Why the need for an alternate port?
With IIS enable Server Name Indication (SNI) in IIS --> Site --> Bindings --> HTTPS --> Tick the option. Then set the site to listen on TCP port 443. Restart the site.
You have to add the certificate under IIS and you have to SELECT the new certificate under bindings for the website to have IIS switch to the new cert.
ASKER
All that was done already
So if the SSL is installed properly on IIS, and you dont see the Cert on the browser, the silly question to ask would be
1) if thats the right server
2) is it load balanced
3) if yes, did you update all servers in the cluster
4) what do you see if you try to remote desktop using the fqdn vs the server name
5) if you ping the fqdn does it match your internal IP?
Where you selected the certificate in the binding, make sure you selected the right one. If you've renewed the certificate it's possible that you have two entries in the list with the same name.
ASKER
1. Yes it's the right server
2. Not load Balanced
4. I can RDP to he FQDN
5. When I ping the FQDN I get the right IP
In the certificate binding I gave the new cert a unique friendly name so that I could tell which was the newest
ok on IIS > Website > Bindings
Select the IP / HTTPS entry and make sure the new cert is selected
If you have already done that, the other thing I'd suggest is restarting the www service
If that dont do it, reboot machine (its a windows thing :P )
ASKER
OK. Let me try that. Thanks.
ASKER
This is driving me crazy. None of the above steps solved my issue.
ASKER
Well I see the certificate in IIS and applied to the "Default Web Site". Sorry for the choppy info. Someone else used to take care of this but is no longer with the co. Let me add some color.
This server is running three applications that are accessed via a browser. The different applications are accessed via the FQDN:port #
https://FQDN Server name:port123 - Application1
https://FQDN Server name:port456 - Application 2
https://FQDN Server name:port789 - Application 3
When I expand the "Default Web Site" in IIS I don't see any references to those applications.
This server is also running an instance of SQL
Are there any other websites on the web server? Are there different sites for each application?
ASKER
Sorry for the late response. Had to take off for a few days. No these are applications running on the server and the applications are accessed via a browser specifying different port numbers.
Does the FQDN match the name on the certificate?
The browser should tell you what it thinks is wrong with the certificate.