How do I configure a site in IIS 7 for SSL with a wildcard certificate?

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by michielvoo on Server Fault See other posts from Server Fault or by michielvoo
Published on 2011-03-04T17:09:58Z Indexed on 2011/03/06 8:11 UTC
Read the original article Hit count: 290

Filed under:
|
|
|

We have an Windows 2008 server with IIS 7 to test sites we develop for our clients. Each site has a binding on a subdomain:

  1. clienta.example.com
  2. clientb.example.com
  3. clientc.example.com

(* Using example.com to protect the innocent)

For one of these sites we now have to test if it works over https.

So I have created a wildcard certificate request with *.example.com as the common name. I have received the certificate (issued by PositiveSSL SA) and completed the request. The certificate is now installed in IIS.

Now I have added an https binding to the second site with the following settings:

type: https IP address: All Unassigned Port: 443 Host name: clientb.example.com SSL certificate: *.example.com

Browsing the site over regular http works fine. When I try to browse the site over https I get the following errors (depending on the browser used):

Chrome

This webpage is not available Error 102 (net::ERR_CONNECTION_REFUSED): Unknown error.

Firefox

Unable to connect Firefox can't establish a connection to the server at clientb.example.com Firebug says Status: Aborted

Internet Explorer

Internet Explorer cannot display the webpage

I have checked Failed Request Tracing, and according to the log the request was completed with status 200.

I have run the SSL Diagnostics Tool with the following result:

System time: Fri, 04 Mar 2011 14:04:35 GMT
Connecting to 192.168.2.95:443
Connected
Handshake: 115 bytes sent
Handshake: 3877 bytes received
Handshake: 326 bytes sent
Handshake: 59 bytes received
Handshake succeeded
Verifying server certificate, it might take a while...
Server certificate name: *.example.com
Server certificate subject: OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.example.com
Server certificate issuer: C=GB, S=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=PositiveSSL CA
Server certificate validity: From 2-3-2011 1:00:00 To 2-3-2012 0:59:59
1:00:00 To 2-3-2012 0:59:59
HTTPS request:
  GET / HTTP/1.0
  User-Agent: SSLDiag
  Accept:*/*
HTTPS: 85 bytes of encrypted data sent
HTTPS: 533 bytes of encrypted data received
Status:
  HTTP/1.1 404 Not Found
  HTTP/1.1 404 Not Found
  Content-Type: text/html; charset=us-ascii
  Server: Microsoft-HTTPAPI/2.0
  Date: Fri, 04 Mar 2011 14:04:35 GMT
  Connection: close
  Content-Length: 315
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
  <HTML><HEAD><TITLE>Not Found</TITLE>
  <META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
  <BODY><h2>Not Found</h2>
  <hr><p>HTTP Error 404. The requested resource is not found.</p>
  </BODY></HTML>
HTTPS: server disconnected
Final handshake: 37 bytes sent successfully

Q: What can I do to make this work?

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about iis7

Related posts about ssl

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle