tugberk's questions

I am stuck in a situation which I cannot figure out. Here is my issue.

I got an SSL certificate from a trusted authority and installed it in my server. Then, I configured my website to use that certificate in port 443 with an IP address which is unused.

Then, I navigated to my web site to see if it works but I see that IIS gives the wrong certificate for this request. So, the browser blocks the response from being rendered.

I thought that IIS did something wrong while configuring and I checked the certificate mappings with the following command:

netsh http show sslcert

I get the Certificate Hash and run the following command to see if the certificate is the one that I need:

get-item cert:\LocalMachine\My\DC0D3FF5D752CD58FD291C48F30646FD9E0D8AED

It is indeed the one I needed. But, strangely I am still getting the wrong certificate when I navigate the web page.

Can u guide me where else I should look and what might be the cause of this?

I created a self-signed certificate on Windows 7 and deployed a web site with this certificate just to try it out.

When I configured the HTTPS endpoint and visit the site with HTTPS protocol, I get the "not a trusted cert" error as expected.

Then I try to make this cert a trusted one on my machine with following PowerShell code:

$cert = (get-item cert:\CurrentUser\MY\1D5B3DEF207B70C7426953315A8C06EB38E50FAA)
$store = get-item cert:\LocalMachine\Root
$store.Open("ReadWrite")
$store.Add($cert)
$store.Close()

It didn't work, I still get the same error. Then, I delete it from trusted certs list and tried with the below code again:

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("c:\certs\foo2.foo.cc.cer")
$store = get-item cert:\LocalMachine\Root
$store.Open("ReadWrite")
$store.Add($cert)
$store.Close()

That didn't work either. What am I missing?

On my Windows Server 2008 R2 machine, I configured to use Server AppFabric Caching features.

It has a nice API which I can implement as default caching provider on my ASP.NET MVC applications.

One question I have in my mind is this: What happens when the memory runs out?

In that machine I have 4GB memory. I looked around but couldn't find anything which enables me to configure max. memory usage for AppFabric.

Any idea how should I act in this situation?

I am getting the following error while I am trying to set up the AppFabric caching on Windows Server 2008 R2:

The 'SQL Server AppFabric Cacing Service Configuration Store Provider' does not support Workgroup configurations. Select a different provider.

Is this a known error? Any idea?

I have a windows server 2008 R2 running IIS 7.5. I also consider getting another dedicated windows server 2008 R2 to set up a web farm framework 2.1.

Which steps do I need to follow?

2 servers are enough for this or do I need at least 3 servers?

I am wondering if rebooting a server in a schedule would be good idea for performance.

Let's say we want to reboot the server at 02:00 AM per 2 nights.

The server here is Windows Server 2008 R2. Mainly, SQL Server and IIS 7.5 (nearly 15 apps running) are running under this server. Server has 4GB memory.

We will have a windows server 2008 r2 in our company. We have some apps which needs to be used only from our office IP. So, I would like to set up a VPN so that a remote worker can connect the internet with the office IP.

A friend of mine just showed me that his company is doing the same thing. He uses a program which enables him to connect the VPN with it.

I have no idea how I can archive this so a head start would be nice for the following questions;

• we reserved a static IP address for our company from the network provider in Turkey. So, how can I make it static on my server?
• How can I set a VPN host on my windows server 2008 r2?
• what does client need in order to access the VPN?

I would like to change the default administrator username on my Windows Server 2008 R2 but not sure whether it would effect my environment badly or not. I am also connecting to my server with this account through remote desktop. Here is the step I came so far but didn't do anything further because I am not use;

Can I go ahead an change the username to whatever I want it to be? will the system need a reboot after this change?

I found the following message inside the DNS Server Event logs.

What I should do has been explained inside the message but not sure what exactly it means.

Log Name: DNS Server

Source: Microsoft-Windows-DNS-Server-Service

Date: 14.08.2011 11:30:57

Event ID: 414

Task Category: None

Level: Warning

Keywords: Classic

User: N/A

Computer: WIN-EG75FS9C2F2

Description:

The DNS server computer currently does not have a DNS domain name. Its DNS name is a single-label host name with no domain (for example: "host" rather than "host.microsoft.com").

You might have forgotten to configure a primary DNS domain for the server computer.

Because the DNS server has only a single-label name, all zones created will have default records (SOA and NS) created using only this single-label name for the server's host name. This can lead to incorrect and failed referrals when clients and other DNS servers use these records to locate this server by name.

To correct this problem:

1) Click Start, and then click Control Panel.

2) Open System and Maintenance , and then open System.

3) Click Change Settings, and then click Change. 4) Click either Domain or Workgroup, and then type the name of the domain or workgroup you want the computer to join; the domain or workgroup name will be used as your DNS domain name.

5) When prompted, restart the computer.

After the computer restarts, the DNS server will attempt to fix up default records, substituting the new DNS name of this server for the old single-label name. However, you should review the zone's SOA and NS records to ensure that they now use the correct domain name of this server.

Event Xml:

<Provider Name="Microsoft-Windows-DNS-Server-Service"

Guid="{guid-comes-here}" EventSourceName="DNS" />

<EventID Qualifiers="32768">414</EventID>

<Version>0</Version>

<Level>3</Level>

<Task>0</Task>

<Opcode>0</Opcode>

<Keywords>0x80000000000000</Keywords>

<TimeCreated SystemTime="2011-08-14T08:30:57.000000000Z" />

<EventRecordID>159</EventRecordID>

<Correlation />

<Execution ProcessID="0" ThreadID="0" />

<Channel>DNS Server</Channel>

<Computer>MyComputerName</Computer>

<Security />

<Binary>

</Binary>

I saw a guy a couple of days ago and he was putting his apps inside different app pools for each app. For example:

• example.com inside examplePool - .net 4.0 integrated mode
• example2.com inside example2Pool - .net 4.0 integrated mode
• example3.com inside example3Pool - .net 4.0 integrated mode

I would understand the logic if the settings was different, but they weren't.

What I am doing is the complete opposite. All of my .net 4 apps (there are nearly 20) are running under one app pool.

So what is the best way of doing this on IIS 7.5?

I am trying to support GZip compression for my static files under IIS (which should be enabled by default but not) but not working so far. Here is the the section under <system.webServer> node inside the web.config file of the web app;

<httpCompression directory="%SystemDrive%\inetpub\temp\IIS Temporary Compressed Files">
  <scheme name="gzip" dll="%Windir%\system32\inetsrv\gzip.dll" staticCompressionLevel="9" />
  <dynamicTypes>
    <add mimeType="text/*" enabled="true" />
    <add mimeType="message/*" enabled="true" />
    <add mimeType="application/x-javascript" enabled="true" />
    <add mimeType="application/json" enabled="true" />
    <add mimeType="*/*" enabled="false" />
  </dynamicTypes>
  <staticTypes>
    <add mimeType="text/*" enabled="true" />
    <add mimeType="message/*" enabled="true" />
    <add mimeType="application/x-javascript" enabled="true" />
    <add mimeType="application/atom+xml" enabled="true" />
    <add mimeType="application/xaml+xml" enabled="true" />
    <add mimeType="*/*" enabled="false" />
  </staticTypes>
</httpCompression>

<urlCompression doStaticCompression="true" />

I tried it with Google Chrome. Here are the Request Headers;

Accept:text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8

Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3

Accept-Encoding:gzip,deflate,sdch

Accept-Language:en-US,en;q=0.8

Cache-Control:no-cache

Connection:keep-alive

Host:my-website-url

Pragma:no-cache

User-Agent:Mozilla/5.0 (Windows NT 6.0) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30

These are the Response Headers;

Accept-Ranges:bytes

Content-Length:232651

Content-Type:application/x-javascript

Date:Thu, 04 Aug 2011 08:58:19 GMT

ETag:"a69135734a50cc1:0"

Last-Modified:Mon, 01 Aug 2011 12:56:37 GMT

Server:Microsoft-IIS/7.5

X-Powered-By:ASP.NET

I check the applicationHost.config file and found some nodes like below;

----

<section name="httpCompression" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />

----

<section name="urlCompression" overrideModeDefault="Allow" />

----

<httpCompression directory="%SystemDrive%\inetpub\temp\IIS Temporary Compressed Files">
    <scheme name="gzip" dll="%Windir%\system32\inetsrv\gzip.dll" />
    <staticTypes>
        <add mimeType="text/*" enabled="true" />
        <add mimeType="message/*" enabled="true" />
        <add mimeType="application/x-javascript" enabled="true" />
        <add mimeType="application/atom+xml" enabled="true" />
        <add mimeType="application/xaml+xml" enabled="true" />
        <add mimeType="*/*" enabled="false" />
    </staticTypes>
</httpCompression>

----

<urlCompression />

What am I missing here?

I just migrated a web site from one server to another and this domain also has 50+ e-mail accounts. I open new accounts on the new server with same passwords.

I changed DNS pointing to new server.

I am also keeping the old one now in order to miss any e-mail if the e-mail arrives that server.

I am wondering if that's a good idea or not? what should I do here to prevent any e-mail delivery errors if I remove my old app from the old server.

UPDATE

I have just checked the mailboxes on the old server and there are still some e-mail coming there. It has been 12 hours since I changed the DNS.

Is it possible to Install an SSL Certificate in Windows Server 2008 R2 using powershell?

If it's not, is it possible with cmd command line?

I am doing it with mmc now but would it be nice to do that with PowerShell.

what are the possible good and efficient ways of transferring files from one server to another? In this case it will be from windows server 2003 to windows server 2008 r2. I am thinking Powershell cmdlets or batch files could be a help here but not sure.

I don't know mush about DNS Manager in windows server 2008 r2. what is the best Learning Resources for Windows Server 2008 DNS?

I am having problem sending and receiving e-mail after changing the server. I put my website on a windows server 2008 R2. I updated the DNS setting of my domain and it works fine but now I have problems on receiving and sending e-mail to/from e-mail addresses which are all hosted inside same server address. I tried other e-mail addresses and they worked fine.

So what could be the problem here? is it related to my new server or should I dig into the server which hosted the e-mail addresses?

Is giving full control for the NETWORK SERVICE user on c:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files folder a good idea?

When I deploy my app on the iis, it started complaining about this access issue.

I mostly develop .net web applications and sometimes client apps on wpf.

Now I use Windows 7 as a development environment on my laptop. I am thinking of installing Windows Server 2008 R2 to my other laptop and use that as a development machine.

In production I am also using Windows Server 2008 R2.

So when we looked at the pros and cons, which one wins here and why? I would appreciate if you could share your experience and thoughts on this.

EDIT

I should probably mention that I am going to be using Visual Studio 2010 Pro. as IDE.

I am using windows server 2008 R2 and IIS 7.5

I deployed my app to that server for the first time and I got the following error;

403 - Forbidden: Access is denied.

You do not have permission to view this directory or page using the credentials that you supplied.

so I make a little search on that and I figured that I should configure Anonymous Authentication <anonymousAuthentication> but I don't know how to do that. It is clearly explained on the following link but not sure if this is the right solution to my problem;

http://www.iis.net/ConfigReference/system.webServer/security/authentication/anonymousAuthentication

if this is the problem, I guess, I should put a similar code block as follows;

<security> 
  <authentication>
   <anonymousAuthentication
      userName="User1"
      password="[enc:AesProvider:57686f6120447564652c2049495320526f636b73:enc]" />
   </authentication>
</security>

if this is the case, how should I provide this code?

should I use AppCmd.exe with powershell?

EDIT ok, I continue to explore and new questions pops up on my head;

1. As far as I got, I need to set machine username and password there. but what kind of user should I set there? where should user have access (which folders)?
2. can I add that configuration inside my web.config file or should I provide this inside applicationHost.config?

I just purchased a windows server 2008 R2 dedicated server from a local vendor. The server will also include SQL Server Web Edition Licence.

I have so little experience on servers and a little above basic info on IIS. I will be ruining asp.net applications on our server and there will be about 13 applications running on the server.

So where should I start here? should I firstly install IIS from control panel? or should I firstly install DNS server?