Skip to main content

Cannot Set up HTTPS site on IIS and windows server 2012 [Resolved]

I seem to have a strange problem. I had an HTTPS site with an SSL certificate set up on a windows 2012 server and it ran fine but it was not on the default 443 port. So to access the site you would type https://test.site.com:1234. The site was linked to an external IP so you could access it from outside the network using https://test.site.com:1234. I now need it to run on the default 443 port. After editing the bindings the site is no longer accessible externally and If I try accessing it from a local network using the local IP I get an SSL error and if I accept then I'm directed to a 404 page.

Putting the site back on to the 1234 port makes it accessible again. So to me, it seems as if something is up with the port.

The site 'test.site.com' isn't a registered domain so I don't know if that would be part of the problem? I checked the firewall and as far as I can see everything seems fine there.

So, the HTTPS site works if it is not running off the default 443 port. Once on the default 443 port, it is inaccessible.

Could the issue be related to the SSL cert or the lack of registered domain name?

edit - I can now access the site via local IP. It is only the external access that a problem.

Thanks


Question Credit: M-Corp
Question Reference
Asked October 6, 2019
Posted Under: Network
23 views
1 Answers

The issue here was due to our ISP. Our ISP manages our firewall. A request was sent to them to open port 443 for incoming and outgoing connections to the machine running the site. They had done this for port 1234 so we expected the same changes to be made. Apparently, the port was opened but also was not ??.. I'm not a network guy so I couldn't understand the issue but from what I could make out was that configuring port 443 for https requires a different set up to configure other ports.

Also when testing you need to make sure that your external IP your machine is using to connect to the net is the same IP linked to the site and SSL cert. For us, we registered IP 12.34.56.78 but when doing a 'what's my IP' from the server it was showing something like 13.46.79.85. Our ISP had to make a change to link the local IP to the correct external IP and then have the local machine connect to the net via the registered IP.

So, in summary, two things needed to be done. The service provider needed to configure the firewall to allow port 443 for https connection and they had to have the local machine running the site connect to the net via the correct IP.

I hope this helps anyone else who has the same issue and is using an outsourced firewall.


credit: M-Corp
Answered October 6, 2019
Your Answer
D:\Adnan\Candoerz\CandoProject\vQA