How to enable https in IIS?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
I have applied a free certificate for my website and successfully installed the certificate in the certificate store. And the CN is the same as my domain(issued to mydomain).
I also set up the site bindings and added an https binding using the free certificate.
The port 443 is opened for both inbound and outbound.
Windows Network Troubleshooting detected the resource(my domain) is online but isn't responding to connection attempt.
But I still get ERR_CONNECTION_TIMED_OUT error from the browser.
Did I miss any steps? How could I enable the https in IIS?
UPDATE 11/14/2018
I have run bindings diagnostics and SSL diagnostics using JexusManager suggested by @Lex Li, and got more information as below:
Binding Diagnostics:
BINDING: https *:443:whatever.com
This site can take external traffic if,
TCP port 443 must be opened on Windows Firewall (or any other equivalent products).
Requests from web browsers must be routed to following end points on this machine,
- [::1]:443.
- My.private.IP.address:443.
This site can take local traffic at 127.0.0.1:443.
This site can take local traffic at [::1]:443.
- Web browsers should use URL https://whatever.com:443. Requests must have Host header of "whatever.com".
Start DNS query for whatever.com.
DNS Query returns 1 result(s).
- 127.0.0.1
Binding Diagnostics does not verify certificates and other SSL/TLS related settings.
Please run SSL Diagnostics at server level to analyze SSL/TLS configuration.
And then I ran SSL diagnostics as below:
BINDING: https *:443:whatever.com
SSLCertHash: 2962cd5b2b450403bce520169c268de1f17a6216
SSL Flags: None
Testing EndPoint: 127.0.0.1
CertName: whatever.com
Version: 3
You have a private key that corresponds to this certificate.
Signature Algorithm: sha256RSA
Key Exchange Algorithm: RSA-PKCS1-KeyEx Key Size: 2048
Subject: CN=whatever.com
Issuer: CN=TrustAsia TLS RSA CA, OU=Domain Validated SSL, O="TrustAsia
Technologies, Inc.", C=CN
Validity: From 11/11/2018 4:00:00 PM To 11/12/2019 4:00:00 AM
Serial Number: 0B365B8ABC8118CD7F818FD5B7BB485C
DS Mapper Usage: Disabled
Archived: False
Subject Alternative Name: DNS Name=whatever.com DNS Name=www.whatever.com
Key Usage: KeyEncipherment, DigitalSignature
Enhanced Key Usage: Server Authentication (1.3.6.1.5.5.7.3.1),Client
Authentication (1.3.6.1.5.5.7.3.2)
Basic Constraints: Subject Type=End Entity, Path Length Constraint=None
Certificate verified.
And, I also have run an SLL Checker and it returns:
whatever.com resolves to My.Public.IP.Address
Server Type: Microsoft-IIS/8.5
No SSL certificates were found on whatever.com. Make sure that the name resolves to the correct server and that the SSL port (default is 443) is open on your server's firewall.
The certificate passed the SSL Diagnostics but it has some problem. I didn't get it. How could I enable https protocol for my site? Many thanks!
asp.net ssl iis https ssl-certificate
asked Nov 14 '18 at 2:24
Dongwei ShiDongwei Shi
276
add a comment |
I have applied a free certificate for my website and successfully installed the certificate in the certificate store. And the CN is the same as my domain(issued to mydomain).
I also set up the site bindings and added an https binding using the free certificate.
The port 443 is opened for both inbound and outbound.
Windows Network Troubleshooting detected the resource(my domain) is online but isn't responding to connection attempt.
But I still get ERR_CONNECTION_TIMED_OUT error from the browser.
Did I miss any steps? How could I enable the https in IIS?
UPDATE 11/14/2018
I have run bindings diagnostics and SSL diagnostics using JexusManager suggested by @Lex Li, and got more information as below:
Binding Diagnostics:
BINDING: https *:443:whatever.com
This site can take external traffic if,
TCP port 443 must be opened on Windows Firewall (or any other equivalent products).
Requests from web browsers must be routed to following end points on this machine,
- [::1]:443.
- My.private.IP.address:443.
This site can take local traffic at 127.0.0.1:443.
This site can take local traffic at [::1]:443.
- Web browsers should use URL https://whatever.com:443. Requests must have Host header of "whatever.com".
Start DNS query for whatever.com.
DNS Query returns 1 result(s).
- 127.0.0.1
Binding Diagnostics does not verify certificates and other SSL/TLS related settings.
Please run SSL Diagnostics at server level to analyze SSL/TLS configuration.
And then I ran SSL diagnostics as below:
BINDING: https *:443:whatever.com
SSLCertHash: 2962cd5b2b450403bce520169c268de1f17a6216
SSL Flags: None
Testing EndPoint: 127.0.0.1
CertName: whatever.com
Version: 3
You have a private key that corresponds to this certificate.
Signature Algorithm: sha256RSA
Key Exchange Algorithm: RSA-PKCS1-KeyEx Key Size: 2048
Subject: CN=whatever.com
Issuer: CN=TrustAsia TLS RSA CA, OU=Domain Validated SSL, O="TrustAsia
Technologies, Inc.", C=CN
Validity: From 11/11/2018 4:00:00 PM To 11/12/2019 4:00:00 AM
Serial Number: 0B365B8ABC8118CD7F818FD5B7BB485C
DS Mapper Usage: Disabled
Archived: False
Subject Alternative Name: DNS Name=whatever.com DNS Name=www.whatever.com
Key Usage: KeyEncipherment, DigitalSignature
Enhanced Key Usage: Server Authentication (1.3.6.1.5.5.7.3.1),Client
Authentication (1.3.6.1.5.5.7.3.2)
Basic Constraints: Subject Type=End Entity, Path Length Constraint=None
Certificate verified.
And, I also have run an SLL Checker and it returns:
whatever.com resolves to My.Public.IP.Address
Server Type: Microsoft-IIS/8.5
No SSL certificates were found on whatever.com. Make sure that the name resolves to the correct server and that the SSL port (default is 443) is open on your server's firewall.
The certificate passed the SSL Diagnostics but it has some problem. I didn't get it. How could I enable https protocol for my site? Many thanks!
asp.net ssl iis https ssl-certificate
asked Nov 14 '18 at 2:24
Dongwei ShiDongwei Shi
276
Without more information, there are too many possibilities to cover in this sort of forum. I suggest checking the W3C logs to ensure the traffic is being received and is coming in on the right port, and to check for strange patterns such as a redirect loop. Also, try accessing the site from a browser running on the server itself, bearing in mind that the browser might try a CRL check that could be blocked by the server infrastructure.
– John Wu
Nov 14 '18 at 3:33
Run a report docs.jexusmanager.com/tutorials/ssl-diagnostics.html and edit your question to include it. You might need to run another report docs.jexusmanager.com/tutorials/binding-diagnostics.html
– Lex Li
Nov 14 '18 at 14:00
@John Wu I could only access to the site through https protocol from a browser on the server by adding172.0.0.1 whatever.comin the host file. And I pretty much sure that the certificate does not expire. I will find a way out to check the W3C logs. Thanks!
– Dongwei Shi
Nov 14 '18 at 23:17
If you can access the web site via https from the server but from nowhere else, the likely culprit is a firewall or other network node blocking inbound on port 443. This could happen for example in a data center with SSL offloading and termination at the perimeter, which would preclude any need for 443 within. There's probably 100 other possibilities. Anyway, this doesn't sound like a programming problem at all.
– John Wu
Nov 14 '18 at 23:35
add a comment |
I have applied a free certificate for my website and successfully installed the certificate in the certificate store. And the CN is the same as my domain(issued to mydomain).
I also set up the site bindings and added an https binding using the free certificate.
The port 443 is opened for both inbound and outbound.
Windows Network Troubleshooting detected the resource(my domain) is online but isn't responding to connection attempt.
But I still get ERR_CONNECTION_TIMED_OUT error from the browser.
Did I miss any steps? How could I enable the https in IIS?
UPDATE 11/14/2018
I have run bindings diagnostics and SSL diagnostics using JexusManager suggested by @Lex Li, and got more information as below:
Binding Diagnostics:
BINDING: https *:443:whatever.com
This site can take external traffic if,
TCP port 443 must be opened on Windows Firewall (or any other equivalent products).
Requests from web browsers must be routed to following end points on this machine,
- [::1]:443.
- My.private.IP.address:443.
This site can take local traffic at 127.0.0.1:443.
This site can take local traffic at [::1]:443.
- Web browsers should use URL https://whatever.com:443. Requests must have Host header of "whatever.com".
Start DNS query for whatever.com.
DNS Query returns 1 result(s).
- 127.0.0.1
Binding Diagnostics does not verify certificates and other SSL/TLS related settings.
Please run SSL Diagnostics at server level to analyze SSL/TLS configuration.
And then I ran SSL diagnostics as below:
BINDING: https *:443:whatever.com
SSLCertHash: 2962cd5b2b450403bce520169c268de1f17a6216
SSL Flags: None
Testing EndPoint: 127.0.0.1
CertName: whatever.com
Version: 3
You have a private key that corresponds to this certificate.
Signature Algorithm: sha256RSA
Key Exchange Algorithm: RSA-PKCS1-KeyEx Key Size: 2048
Subject: CN=whatever.com
Issuer: CN=TrustAsia TLS RSA CA, OU=Domain Validated SSL, O="TrustAsia
Technologies, Inc.", C=CN
Validity: From 11/11/2018 4:00:00 PM To 11/12/2019 4:00:00 AM
Serial Number: 0B365B8ABC8118CD7F818FD5B7BB485C
DS Mapper Usage: Disabled
Archived: False
Subject Alternative Name: DNS Name=whatever.com DNS Name=www.whatever.com
Key Usage: KeyEncipherment, DigitalSignature
Enhanced Key Usage: Server Authentication (1.3.6.1.5.5.7.3.1),Client
Authentication (1.3.6.1.5.5.7.3.2)
Basic Constraints: Subject Type=End Entity, Path Length Constraint=None
Certificate verified.
And, I also have run an SLL Checker and it returns:
whatever.com resolves to My.Public.IP.Address
Server Type: Microsoft-IIS/8.5
No SSL certificates were found on whatever.com. Make sure that the name resolves to the correct server and that the SSL port (default is 443) is open on your server's firewall.
The certificate passed the SSL Diagnostics but it has some problem. I didn't get it. How could I enable https protocol for my site? Many thanks!
asp.net ssl iis https ssl-certificate
asked Nov 14 '18 at 2:24
Dongwei ShiDongwei Shi
276
I have applied a free certificate for my website and successfully installed the certificate in the certificate store. And the CN is the same as my domain(issued to mydomain).
I also set up the site bindings and added an https binding using the free certificate.
The port 443 is opened for both inbound and outbound.
Windows Network Troubleshooting detected the resource(my domain) is online but isn't responding to connection attempt.
But I still get ERR_CONNECTION_TIMED_OUT error from the browser.
Did I miss any steps? How could I enable the https in IIS?
UPDATE 11/14/2018
I have run bindings diagnostics and SSL diagnostics using JexusManager suggested by @Lex Li, and got more information as below:
Binding Diagnostics:
BINDING: https *:443:whatever.com
This site can take external traffic if,
TCP port 443 must be opened on Windows Firewall (or any other equivalent products).
Requests from web browsers must be routed to following end points on this machine,
- [::1]:443.
- My.private.IP.address:443.
This site can take local traffic at 127.0.0.1:443.
This site can take local traffic at [::1]:443.
- Web browsers should use URL https://whatever.com:443. Requests must have Host header of "whatever.com".
Start DNS query for whatever.com.
DNS Query returns 1 result(s).
- 127.0.0.1
Binding Diagnostics does not verify certificates and other SSL/TLS related settings.
Please run SSL Diagnostics at server level to analyze SSL/TLS configuration.
And then I ran SSL diagnostics as below:
BINDING: https *:443:whatever.com
SSLCertHash: 2962cd5b2b450403bce520169c268de1f17a6216
SSL Flags: None
Testing EndPoint: 127.0.0.1
CertName: whatever.com
Version: 3
You have a private key that corresponds to this certificate.
Signature Algorithm: sha256RSA
Key Exchange Algorithm: RSA-PKCS1-KeyEx Key Size: 2048
Subject: CN=whatever.com
Issuer: CN=TrustAsia TLS RSA CA, OU=Domain Validated SSL, O="TrustAsia
Technologies, Inc.", C=CN
Validity: From 11/11/2018 4:00:00 PM To 11/12/2019 4:00:00 AM
Serial Number: 0B365B8ABC8118CD7F818FD5B7BB485C
DS Mapper Usage: Disabled
Archived: False
Subject Alternative Name: DNS Name=whatever.com DNS Name=www.whatever.com
Key Usage: KeyEncipherment, DigitalSignature
Enhanced Key Usage: Server Authentication (1.3.6.1.5.5.7.3.1),Client
Authentication (1.3.6.1.5.5.7.3.2)
Basic Constraints: Subject Type=End Entity, Path Length Constraint=None
Certificate verified.
And, I also have run an SLL Checker and it returns:
whatever.com resolves to My.Public.IP.Address
Server Type: Microsoft-IIS/8.5
No SSL certificates were found on whatever.com. Make sure that the name resolves to the correct server and that the SSL port (default is 443) is open on your server's firewall.
The certificate passed the SSL Diagnostics but it has some problem. I didn't get it. How could I enable https protocol for my site? Many thanks!
asp.net ssl iis https ssl-certificate
asp.net ssl iis https ssl-certificate
asked Nov 14 '18 at 2:24
Dongwei ShiDongwei Shi
276
asked Nov 14 '18 at 2:24
Dongwei ShiDongwei Shi
276
edited Nov 14 '18 at 23:11
Dongwei Shi
asked Nov 14 '18 at 2:24
Dongwei ShiDongwei Shi
276
asked Nov 14 '18 at 2:24
Dongwei ShiDongwei Shi
276
asked Nov 14 '18 at 2:24
Dongwei ShiDongwei Shi
276
276
Without more information, there are too many possibilities to cover in this sort of forum. I suggest checking the W3C logs to ensure the traffic is being received and is coming in on the right port, and to check for strange patterns such as a redirect loop. Also, try accessing the site from a browser running on the server itself, bearing in mind that the browser might try a CRL check that could be blocked by the server infrastructure.
– John Wu
Nov 14 '18 at 3:33
Run a report docs.jexusmanager.com/tutorials/ssl-diagnostics.html and edit your question to include it. You might need to run another report docs.jexusmanager.com/tutorials/binding-diagnostics.html
– Lex Li
Nov 14 '18 at 14:00
@John Wu I could only access to the site through https protocol from a browser on the server by adding172.0.0.1 whatever.comin the host file. And I pretty much sure that the certificate does not expire. I will find a way out to check the W3C logs. Thanks!
– Dongwei Shi
Nov 14 '18 at 23:17
If you can access the web site via https from the server but from nowhere else, the likely culprit is a firewall or other network node blocking inbound on port 443. This could happen for example in a data center with SSL offloading and termination at the perimeter, which would preclude any need for 443 within. There's probably 100 other possibilities. Anyway, this doesn't sound like a programming problem at all.
– John Wu
Nov 14 '18 at 23:35
add a comment |
Without more information, there are too many possibilities to cover in this sort of forum. I suggest checking the W3C logs to ensure the traffic is being received and is coming in on the right port, and to check for strange patterns such as a redirect loop. Also, try accessing the site from a browser running on the server itself, bearing in mind that the browser might try a CRL check that could be blocked by the server infrastructure.
– John Wu
Nov 14 '18 at 3:33
Run a report docs.jexusmanager.com/tutorials/ssl-diagnostics.html and edit your question to include it. You might need to run another report docs.jexusmanager.com/tutorials/binding-diagnostics.html
– Lex Li
Nov 14 '18 at 14:00
@John Wu I could only access to the site through https protocol from a browser on the server by adding172.0.0.1 whatever.comin the host file. And I pretty much sure that the certificate does not expire. I will find a way out to check the W3C logs. Thanks!
– Dongwei Shi
Nov 14 '18 at 23:17
If you can access the web site via https from the server but from nowhere else, the likely culprit is a firewall or other network node blocking inbound on port 443. This could happen for example in a data center with SSL offloading and termination at the perimeter, which would preclude any need for 443 within. There's probably 100 other possibilities. Anyway, this doesn't sound like a programming problem at all.
– John Wu
Nov 14 '18 at 23:35
Without more information, there are too many possibilities to cover in this sort of forum. I suggest checking the W3C logs to ensure the traffic is being received and is coming in on the right port, and to check for strange patterns such as a redirect loop. Also, try accessing the site from a browser running on the server itself, bearing in mind that the browser might try a CRL check that could be blocked by the server infrastructure.
– John Wu
Nov 14 '18 at 3:33
Without more information, there are too many possibilities to cover in this sort of forum. I suggest checking the W3C logs to ensure the traffic is being received and is coming in on the right port, and to check for strange patterns such as a redirect loop. Also, try accessing the site from a browser running on the server itself, bearing in mind that the browser might try a CRL check that could be blocked by the server infrastructure.
– John Wu
Nov 14 '18 at 3:33
Run a report docs.jexusmanager.com/tutorials/ssl-diagnostics.html and edit your question to include it. You might need to run another report docs.jexusmanager.com/tutorials/binding-diagnostics.html
– Lex Li
Nov 14 '18 at 14:00
Run a report docs.jexusmanager.com/tutorials/ssl-diagnostics.html and edit your question to include it. You might need to run another report docs.jexusmanager.com/tutorials/binding-diagnostics.html
– Lex Li
Nov 14 '18 at 14:00
@John Wu I could only access to the site through https protocol from a browser on the server by adding
172.0.0.1 whatever.com in the host file. And I pretty much sure that the certificate does not expire. I will find a way out to check the W3C logs. Thanks!– Dongwei Shi
Nov 14 '18 at 23:17
@John Wu I could only access to the site through https protocol from a browser on the server by adding
172.0.0.1 whatever.com in the host file. And I pretty much sure that the certificate does not expire. I will find a way out to check the W3C logs. Thanks!– Dongwei Shi
Nov 14 '18 at 23:17
If you can access the web site via https from the server but from nowhere else, the likely culprit is a firewall or other network node blocking inbound on port 443. This could happen for example in a data center with SSL offloading and termination at the perimeter, which would preclude any need for 443 within. There's probably 100 other possibilities. Anyway, this doesn't sound like a programming problem at all.
– John Wu
Nov 14 '18 at 23:35
If you can access the web site via https from the server but from nowhere else, the likely culprit is a firewall or other network node blocking inbound on port 443. This could happen for example in a data center with SSL offloading and termination at the perimeter, which would preclude any need for 443 within. There's probably 100 other possibilities. Anyway, this doesn't sound like a programming problem at all.
– John Wu
Nov 14 '18 at 23:35
add a comment |
1 Answer
1
active
oldest
votes
Problem solved.
As @John Wu said, this is not a programming problem but a network gateway problem.
First, the certificate has no problem and so does the server/firewall setting.
The problem occurred in the network gateway of the cloud service provider that blocked the 443 port inbound and outbound. In my case, I am using AliCloud server and it blocked every request which went through 443 port from the public network. And this is why I could only get access to the SSL website through the browser on the server.
The solution is very simple. The only thing needs to do is to inform the cloud service provider to open the 443 port. In my case, I just added the 443/443 port authorization in the control panel of the cloud servers and then everything fixed.
answered Nov 15 '18 at 23:07
Dongwei ShiDongwei Shi
276
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53292302%2fhow-to-enable-https-in-iis%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Problem solved.
As @John Wu said, this is not a programming problem but a network gateway problem.
First, the certificate has no problem and so does the server/firewall setting.
The problem occurred in the network gateway of the cloud service provider that blocked the 443 port inbound and outbound. In my case, I am using AliCloud server and it blocked every request which went through 443 port from the public network. And this is why I could only get access to the SSL website through the browser on the server.
The solution is very simple. The only thing needs to do is to inform the cloud service provider to open the 443 port. In my case, I just added the 443/443 port authorization in the control panel of the cloud servers and then everything fixed.
answered Nov 15 '18 at 23:07
Dongwei ShiDongwei Shi
276
add a comment |
Problem solved.
As @John Wu said, this is not a programming problem but a network gateway problem.
First, the certificate has no problem and so does the server/firewall setting.
The problem occurred in the network gateway of the cloud service provider that blocked the 443 port inbound and outbound. In my case, I am using AliCloud server and it blocked every request which went through 443 port from the public network. And this is why I could only get access to the SSL website through the browser on the server.
The solution is very simple. The only thing needs to do is to inform the cloud service provider to open the 443 port. In my case, I just added the 443/443 port authorization in the control panel of the cloud servers and then everything fixed.
answered Nov 15 '18 at 23:07
Dongwei ShiDongwei Shi
276
add a comment |
Problem solved.
As @John Wu said, this is not a programming problem but a network gateway problem.
First, the certificate has no problem and so does the server/firewall setting.
The problem occurred in the network gateway of the cloud service provider that blocked the 443 port inbound and outbound. In my case, I am using AliCloud server and it blocked every request which went through 443 port from the public network. And this is why I could only get access to the SSL website through the browser on the server.
The solution is very simple. The only thing needs to do is to inform the cloud service provider to open the 443 port. In my case, I just added the 443/443 port authorization in the control panel of the cloud servers and then everything fixed.
answered Nov 15 '18 at 23:07
Dongwei ShiDongwei Shi
276
Problem solved.
As @John Wu said, this is not a programming problem but a network gateway problem.
First, the certificate has no problem and so does the server/firewall setting.
The problem occurred in the network gateway of the cloud service provider that blocked the 443 port inbound and outbound. In my case, I am using AliCloud server and it blocked every request which went through 443 port from the public network. And this is why I could only get access to the SSL website through the browser on the server.
The solution is very simple. The only thing needs to do is to inform the cloud service provider to open the 443 port. In my case, I just added the 443/443 port authorization in the control panel of the cloud servers and then everything fixed.
answered Nov 15 '18 at 23:07
Dongwei ShiDongwei Shi
276
answered Nov 15 '18 at 23:07
Dongwei ShiDongwei Shi
276
answered Nov 15 '18 at 23:07
Dongwei ShiDongwei Shi
276
answered Nov 15 '18 at 23:07
Dongwei ShiDongwei Shi
276
276
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53292302%2fhow-to-enable-https-in-iis%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Without more information, there are too many possibilities to cover in this sort of forum. I suggest checking the W3C logs to ensure the traffic is being received and is coming in on the right port, and to check for strange patterns such as a redirect loop. Also, try accessing the site from a browser running on the server itself, bearing in mind that the browser might try a CRL check that could be blocked by the server infrastructure.
– John Wu
Nov 14 '18 at 3:33
Run a report docs.jexusmanager.com/tutorials/ssl-diagnostics.html and edit your question to include it. You might need to run another report docs.jexusmanager.com/tutorials/binding-diagnostics.html
– Lex Li
Nov 14 '18 at 14:00
@John Wu I could only access to the site through https protocol from a browser on the server by adding
172.0.0.1 whatever.comin the host file. And I pretty much sure that the certificate does not expire. I will find a way out to check the W3C logs. Thanks!– Dongwei Shi
Nov 14 '18 at 23:17
If you can access the web site via https from the server but from nowhere else, the likely culprit is a firewall or other network node blocking inbound on port 443. This could happen for example in a data center with SSL offloading and termination at the perimeter, which would preclude any need for 443 within. There's probably 100 other possibilities. Anyway, this doesn't sound like a programming problem at all.
– John Wu
Nov 14 '18 at 23:35