Application Server Windows Server 2003 SP2 with IIS 6.0
IIS has a "Default Web Site" (port 18000, ssl 443, ID=1) with a certificate created by me. I have an specific site called "scj.galaxy.Weekly" (port 80, ssl 443, ID=1272369728) that is working fine. I have an entry in windows/system32/drivers/etc/hosts that links galaxy.Weekly.scjdev.ds to the server ip in both my local machine and in the application Server.
These sites works:
http://scj.galaxy.weekly/test.html works
http://scj.galaxy.weekly/test.aspx works
But
https://scj.galaxy.weekly/test.html fails
Error message is:
The connection was reset The connection to the server was reset while the page was loading.
The certificate was working fine for months. It was created with something similar to this:
Selfssl /N:CN=*.scjdev.ds /V:3650 /S:1 /P:443
I have tried several options and none of them are working:
- 1) Create a certificate only in "Default Web Site" and link it to SecureBindings with command prompt
cscript adsutil.vbs set /w3svc/1272369728/SecureBindings ":443:galaxy.Weekly.scjdev.ds"
2) Create a certificate only in "Galaxy Site" and link it to SecureBindings
3) Create a certificate in both and link them to secureBindings.
Probably I am missing an step or something, but I can't see it.
Here is the relevant config of Galaxy Site:
<IIsWebServer Location ="/LM/W3SVC/1272369729"
AuthFlags="0"
LogPluginClsid="{FF160663-DE82-11CF-BC0A-00AA006111E0}"
SSLCertHash="c36a514a0be90fbc121d9c19bb052842289d5aee"
SSLStoreName="MY"
SecureBindings=":443:galaxy.Weekly.scjdev.ds"
ServerAutoStart="TRUE"
ServerBindings=":80:galaxy.Weekly.scjdev.ds"
ServerComment="galaxy.Weekly.scjdev.ds"
>
</IIsWebServer>
<IIsWebVirtualDir Location ="/LM/W3SVC/1272369729/root"
AccessFlags="AccessRead | AccessScript"
AppFriendlyName="Default Application"
AppIsolated="2"
AppRoot="/LM/W3SVC/1272369729/Root"
AuthFlags="AuthAnonymous | AuthNTLM"
DefaultDoc="Default.aspx"
DirBrowseFlags="EnableDirBrowsing | DirBrowseShowDate | DirBrowseShowTime | DirBrowseShowSize | DirBrowseShowExtension | DirBrowseShowLongDate"
Path="D:\Webs\Galaxysite"
ScriptMaps="some config... "
>
</IIsWebVirtualDir>
I fixed it finally removing ALL the certificates and stopping ALL the sites when creating the new one.
The key thing is stopping ALL the sites. If you fail to do so, an internal reference will kept hooked, everything will seem ok but will fail when trying to browse any page with https.