Question

Locked

Anyone know how to configure the HTTPS port?

By jcwfbi ·
I'm trying to get my website to be accessible over https on server 03. I have a lab environment, and I want to configure it to see it work. Installed certificate authority, assigned a certificate to the web site in IIS. I then added an entry in the host file to match the host header of the site. I added a html file in the folder of the path specified for the site so that the contents of the file would appear on screen.
If i type site.com i can access it over http, if I then go and change the security settings and select require secure authentication and 128 bit exc., and then go to the site, I get the message "must be accessed over https:". However if i go to https: instead i get web site unavailable. Any suggestions? What am I missing Thanks...

This conversation is currently closed to new comments.

11 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Answers

Collapse -

which port

by njcsamuels In reply to Anyone know how to config ...

I'm pretty sure iis forces you to input the port number when setting up https. make sure this port is 443

Collapse -

Reponse To Answer

by jcwfbi In reply to which port

so you have to put like site.com:443? Cause 443 shows as the secure alternate default port..

Collapse -

host header says what? 80 or 443?

by CG IT In reply to Anyone know how to config ...

you can redirect all http to https... take a screen shot of your IIS web site properties page and host header page and post it so we know what it looks like.

Collapse -

Reponse To Answer

by jcwfbi In reply to host header says what? 80 ...

host header says 80 and for secure its says 443. So i actually got the site to load with the https prefix in the url. Now I need to get the yellow lock symbol to appear?
I get a cert error that says cert auth is valid, valid time is good, but name of site doesn't match name of site in cert?

Collapse -

Reponse To Answer

by seanferd In reply to host header says what? 80 ...

"but name of site doesn't match name of site in cert? "

These must match. You can include wildcards for subdomains in certs.

Collapse -

Reponse To Answer

by jcwfbi In reply to host header says what? 80 ...

Yes. Ok so I made them match and cert works. From client machine it says the "publisher cannot be verified" and https is crossed out, test server is ca. So how do i get the client to accept the cert? Thanks everyone...

Collapse -

Have you done ALL of this?

Configure Folder or Web Site to Use SSL/HTTPS
This procedure assumes that your site has already has a certificate assigned to it.

Log on to the Web server computer as an administrator.
Click Start, point to Settings, and then click Control Panel.
Double-click Administrative Tools, and then double click Internet Services Manager.
Select the Web site from the list of different served sites in the left pane.
Right-click the Web site, folder, or file for which you want to configure SSL communication, and then click Properties.
Click the Directory Security tab.
Click Edit.
Click Require secure-channel (SSL) if you want the Web site, folder, or file to require SSL communications.
Click Require 128-bit encryption to configure 128-bit (instead of 40-bit) encryption support.
To allow users to connect without supplying their own certificate, click Ignore client certificates.

Alternatively, to allow a user to supply their own certificate, use Accept client certificates.
To configure client mapping, click Enable client certificate mapping, and then click Edit to map client certificates to users.

If you configure this functionality, you can map client certificates to individual users in Active Directory. You can use this functionality to automatically identify a user according to the certificate they supplied when they access the Web site. You can map users to certificates on a one-to-one basis (one certificate identifies one user) or you can map many certificates to one user (a list of certificates is matched against a specific user according to specific rules. The first valid match becomes the mapping).
Click OK.

Collapse -

Reponse To Answer

by jcwfbi In reply to Have you done ALL of this ...

Got site to load, now I need to get the yellow lock to appear?
I get an error that say name of site does not match name of site in cert...
Does the name of the site need to be the friendly name i give it or the url?
Example name=mysite, url mysite.com. Thanks everyone..

Collapse -

SSL

by Nimmo In reply to Anyone know how to config ...

To get that yellow lock you need to get a trusted certificate, you can't use a self signed certificate you need one from a trusted third party certificate authority.

Collapse -

Reponse To Answer

by jcwfbi In reply to SSL

Thanks for the input. I was finally able to get it to work. I installed ca on my private network using cert services, exported the root authority ca, installed it on my client as trusted in IE, then checked the cert in certmgr.msc. I was there. Tried it in IE and it worked.

Back to Networks Forum
11 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums