"Kansas" wrote:

> We just upgraded to Server 2003 and we run a program that now requires https.
>  The certificate was installed to change the site along with the certificate
> to access the server.  When trying to connect to the https site, I get a page
> cannot be displayed, cannot connect to server or DNS error.  If I try the old
> way, I get the certificate does not match the web address.  When the program
> starts that runs the program, it shows it's listening on the secure port
> (444) and when I run the netstat -an command I didn't see any problems. Port
> 443 is being used by IIS. I can also connect to other SSL sites from the
> server. Any idea what could be causing this?  I've checked some of the other
> postings and noticed that it might be a certificate problem which we're in
> the process of doing.  Thanks

"Kansas" wrote:

> We just upgraded to Server 2003 and we run a program that now requires https.
>  The certificate was installed to change the site along with the certificate
> to access the server.  When trying to connect to the https site, I get a page
> cannot be displayed, cannot connect to server or DNS error.  If I try the old
> way, I get the certificate does not match the web address.  When the program
> starts that runs the program, it shows it's listening on the secure port
> (444) and when I run the netstat -an command I didn't see any problems. Port
> 443 is being used by IIS. I can also connect to other SSL sites from the
> server. Any idea what could be causing this?  I've checked some of the other
> postings and noticed that it might be a certificate problem which we're in
> the process of doing.  Thanks

"Kansas" <Kan***@discussions.microsoft.com> wrote in message
news:EC984F85-4178-498D-85A6-980B2101D7CC@microsoft.com...
> Just an update.  I'm new to this and the certicicates and IIS were set up
> with version 5 instructions. It turns out port 444 was not open, so they
> opened it up. I reinstalled the RSA certificate, restarted the server and
> still was not able to connect.  Same error message as before.  We ended up
> removing the certicates and went back to the original website.  Is there
> much
> of a difference installing certificates between IIS 5 and 6?  Thanks
>
> "Kansas" wrote:
>
>> We just upgraded to Server 2003 and we run a program that now requires
>> https.
>>  The certificate was installed to change the site along with the
>> certificate
>> to access the server.  When trying to connect to the https site, I get a
>> page
>> cannot be displayed, cannot connect to server or DNS error.  If I try the
>> old
>> way, I get the certificate does not match the web address.  When the
>> program
>> starts that runs the program, it shows it's listening on the secure port
>> (444) and when I run the netstat -an command I didn't see any problems.
>> Port
>> 443 is being used by IIS. I can also connect to other SSL sites from the
>> server. Any idea what could be causing this?  I've checked some of the
>> other
>> postings and noticed that it might be a certificate problem which we're
>> in
>> the process of doing.  Thanks

"Bernard Cheah [MVP]" wrote:

> No. should be similiar for IIS 5 and 6.
> I still don't get what's the error statement, you cert can't bind to port
> 444 ?
> have you change the binding port ? restart https service?
> do a netstat -an to check the status ? why not use 443 ? or ?
>
> --
> Regards,
> Bernard Cheah
> http://www.iis.net/
> http://www.iis-resources.com/
> http://msmvps.com/blogs/bernard/
>
>
> "Kansas" <Kan***@discussions.microsoft.com> wrote in message
> news:EC984F85-4178-498D-85A6-980B2101D7CC@microsoft.com...
> > Just an update.  I'm new to this and the certicicates and IIS were set up
> > with version 5 instructions. It turns out port 444 was not open, so they
> > opened it up. I reinstalled the RSA certificate, restarted the server and
> > still was not able to connect.  Same error message as before.  We ended up
> > removing the certicates and went back to the original website.  Is there
> > much
> > of a difference installing certificates between IIS 5 and 6?  Thanks
> >
> > "Kansas" wrote:
> >
> >> We just upgraded to Server 2003 and we run a program that now requires
> >> https.
> >>  The certificate was installed to change the site along with the
> >> certificate
> >> to access the server.  When trying to connect to the https site, I get a
> >> page
> >> cannot be displayed, cannot connect to server or DNS error.  If I try the
> >> old
> >> way, I get the certificate does not match the web address.  When the
> >> program
> >> starts that runs the program, it shows it's listening on the secure port
> >> (444) and when I run the netstat -an command I didn't see any problems.
> >> Port
> >> 443 is being used by IIS. I can also connect to other SSL sites from the
> >> server. Any idea what could be causing this?  I've checked some of the
> >> other
> >> postings and noticed that it might be a certificate problem which we're
> >> in
> >> the process of doing.  Thanks
>
>
>

"Kansas" <Kan***@discussions.microsoft.com> wrote in message
news:547D6D8D-9331-4C56-9F85-A2BEC7B31A89@microsoft.com...
> Our original site linked to a program's html file.  You would connect as
> http:<ip address>/program. The instructions had us install certificates on
> the default website with SSL not enabled (using port 443) in the IIS.  SSL
> would be enabled in IIS on the program's web site changing the program's
> address to https://program.smith.com/program. We were then instructed to
> add
> a certificate to the program.  These errors we received when trying to
> troubleshoot:
> connecting to http://<ip address>/program resulted in having to add an 's'
> after the http.  When attempting to access the site with https://<ip
> address>/program we got a message that the address does not match the
> certificate.  When attempting to access the site by
> https://program.smith.com/program we got the "cannot find server or DNS
> error"  It turns out port 444 was closed and subsequently opened but still
> no
> success in getting to the site. The instructions had us obtain a
> certificate
> for IIS using the new address (program.smith.com). The certificate for the
> program was for the actual server domain name. Could it be that the
> certificate names have to match? The instructions also had us check the
> Require SSL and Ignore Client Certifictes under the program in IIS.  When
> I
> tried changing it in IIS to Ignore, I would get a message that this would
> prevent everyone from accessing.
>
> "Bernard Cheah [MVP]" wrote:
>
>> No. should be similiar for IIS 5 and 6.
>> I still don't get what's the error statement, you cert can't bind to port
>> 444 ?
>> have you change the binding port ? restart https service?
>> do a netstat -an to check the status ? why not use 443 ? or ?
>>
>> --
>> Regards,
>> Bernard Cheah
>> http://www.iis.net/
>> http://www.iis-resources.com/
>> http://msmvps.com/blogs/bernard/
>>
>>
>> "Kansas" <Kan***@discussions.microsoft.com> wrote in message
>> news:EC984F85-4178-498D-85A6-980B2101D7CC@microsoft.com...
>> > Just an update.  I'm new to this and the certicicates and IIS were set
>> > up
>> > with version 5 instructions. It turns out port 444 was not open, so
>> > they
>> > opened it up. I reinstalled the RSA certificate, restarted the server
>> > and
>> > still was not able to connect.  Same error message as before.  We ended
>> > up
>> > removing the certicates and went back to the original website.  Is
>> > there
>> > much
>> > of a difference installing certificates between IIS 5 and 6?  Thanks
>> >
>> > "Kansas" wrote:
>> >
>> >> We just upgraded to Server 2003 and we run a program that now requires
>> >> https.
>> >>  The certificate was installed to change the site along with the
>> >> certificate
>> >> to access the server.  When trying to connect to the https site, I get
>> >> a
>> >> page
>> >> cannot be displayed, cannot connect to server or DNS error.  If I try
>> >> the
>> >> old
>> >> way, I get the certificate does not match the web address.  When the
>> >> program
>> >> starts that runs the program, it shows it's listening on the secure
>> >> port
>> >> (444) and when I run the netstat -an command I didn't see any
>> >> problems.
>> >> Port
>> >> 443 is being used by IIS. I can also connect to other SSL sites from
>> >> the
>> >> server. Any idea what could be causing this?  I've checked some of the
>> >> other
>> >> postings and noticed that it might be a certificate problem which
>> >> we're
>> >> in
>> >> the process of doing.  Thanks
>>
>>
>>

"Funkadyleik Spynwhanker" wrote:

> You are mixing some problems together.  It would be a lot simpler if you
> didn't do that.
>
> You need to verify with absolute certainty that port 444 is open.  From an
> OUTSIDE computer, use telnet to see if the web server responds.
>
> Open command line
> type "telnet websitename 444"
> press enter
> wait.
>
> IF, you get a cursor and nothing, press the enter key several times.  Does
> it spit out some stuff and quit?  If yes, port 444 is open.  If it quits
> saying "time out" after several seconds, port 444 is closed.  If it quits in
> a fraction of a second with "connection refused" it might be open, but not
> set up on the server correctly yet.
>
> For practice, try the same thing with "telnet websitename 80" to see what it
> is supposed to look like.
>
> Work on this problem until you _know_ the port is open.
>
> Also, from inside your network, make sure you can access the web site on
> 444, like this:  http://websitename:444  If you can't you don't have that
> set up correctly yet.
>
> So... WHY are you doing 444?  Because you have only one IP address?
>
> A certificate won't work correctly with the IP address because the
> hostname/IP/cert matchup is a unique one.  So of course you get an error
> when you do that.
>
> Normally, a cert setup is ONE IP, ONE hostname and ONE web.  If you try
> anything else it gets complicated (as you have discovered).
>
>
> "Kansas" <Kan***@discussions.microsoft.com> wrote in message
> news:547D6D8D-9331-4C56-9F85-A2BEC7B31A89@microsoft.com...
> > Our original site linked to a program's html file.  You would connect as
> > http:<ip address>/program. The instructions had us install certificates on
> > the default website with SSL not enabled (using port 443) in the IIS.  SSL
> > would be enabled in IIS on the program's web site changing the program's
> > address to https://program.smith.com/program. We were then instructed to
> > add
> > a certificate to the program.  These errors we received when trying to
> > troubleshoot:
> > connecting to http://<ip address>/program resulted in having to add an 's'
> > after the http.  When attempting to access the site with https://<ip
> > address>/program we got a message that the address does not match the
> > certificate.  When attempting to access the site by
> > https://program.smith.com/program we got the "cannot find server or DNS
> > error"  It turns out port 444 was closed and subsequently opened but still
> > no
> > success in getting to the site. The instructions had us obtain a
> > certificate
> > for IIS using the new address (program.smith.com). The certificate for the
> > program was for the actual server domain name. Could it be that the
> > certificate names have to match? The instructions also had us check the
> > Require SSL and Ignore Client Certifictes under the program in IIS.  When
> > I
> > tried changing it in IIS to Ignore, I would get a message that this would
> > prevent everyone from accessing.
> >
> > "Bernard Cheah [MVP]" wrote:
> >
> >> No. should be similiar for IIS 5 and 6.
> >> I still don't get what's the error statement, you cert can't bind to port
> >> 444 ?
> >> have you change the binding port ? restart https service?
> >> do a netstat -an to check the status ? why not use 443 ? or ?
> >>
> >> --
> >> Regards,
> >> Bernard Cheah
> >> http://www.iis.net/
> >> http://www.iis-resources.com/
> >> http://msmvps.com/blogs/bernard/
> >>
> >>
> >> "Kansas" <Kan***@discussions.microsoft.com> wrote in message
> >> news:EC984F85-4178-498D-85A6-980B2101D7CC@microsoft.com...
> >> > Just an update.  I'm new to this and the certicicates and IIS were set
> >> > up
> >> > with version 5 instructions. It turns out port 444 was not open, so
> >> > they
> >> > opened it up. I reinstalled the RSA certificate, restarted the server
> >> > and
> >> > still was not able to connect.  Same error message as before.  We ended
> >> > up
> >> > removing the certicates and went back to the original website.  Is
> >> > there
> >> > much
> >> > of a difference installing certificates between IIS 5 and 6?  Thanks
> >> >
> >> > "Kansas" wrote:
> >> >
> >> >> We just upgraded to Server 2003 and we run a program that now requires
> >> >> https.
> >> >>  The certificate was installed to change the site along with the
> >> >> certificate
> >> >> to access the server.  When trying to connect to the https site, I get
> >> >> a
> >> >> page
> >> >> cannot be displayed, cannot connect to server or DNS error.  If I try
> >> >> the
> >> >> old
> >> >> way, I get the certificate does not match the web address.  When the
> >> >> program
> >> >> starts that runs the program, it shows it's listening on the secure
> >> >> port
> >> >> (444) and when I run the netstat -an command I didn't see any
> >> >> problems.
> >> >> Port
> >> >> 443 is being used by IIS. I can also connect to other SSL sites from
> >> >> the
> >> >> server. Any idea what could be causing this?  I've checked some of the
> >> >> other
> >> >> postings and noticed that it might be a certificate problem which
> >> >> we're
> >> >> in
> >> >> the process of doing.  Thanks
> >>
> >>
> >>
>
>
>

"Funkadyleik Spynwhanker" <youreallywantoemailmepu***@winblows.gov> wrote in
message news:YWLZg.7441$5i7.3694@newsreading01.news.tds.net...
> You are mixing some problems together.  It would be a lot simpler if you
> didn't do that.
>
> You need to verify with absolute certainty that port 444 is open.  From an
> OUTSIDE computer, use telnet to see if the web server responds.
>
> Open command line
> type "telnet websitename 444"
> press enter
> wait.
>
> IF, you get a cursor and nothing, press the enter key several times.  Does
> it spit out some stuff and quit?  If yes, port 444 is open.  If it quits
> saying "time out" after several seconds, port 444 is closed.  If it quits
> in a fraction of a second with "connection refused" it might be open, but
> not set up on the server correctly yet.
>
> For practice, try the same thing with "telnet websitename 80" to see what
> it is supposed to look like.
>
> Work on this problem until you _know_ the port is open.
>
> Also, from inside your network, make sure you can access the web site on
> 444, like this:  http://websitename:444  If you can't you don't have that
> set up correctly yet.
>
> So... WHY are you doing 444?  Because you have only one IP address?
>
> A certificate won't work correctly with the IP address because the
> hostname/IP/cert matchup is a unique one.  So of course you get an error
> when you do that.
>
> Normally, a cert setup is ONE IP, ONE hostname and ONE web.  If you try
> anything else it gets complicated (as you have discovered).
>
>
> "Kansas" <Kan***@discussions.microsoft.com> wrote in message
> news:547D6D8D-9331-4C56-9F85-A2BEC7B31A89@microsoft.com...
>> Our original site linked to a program's html file.  You would connect as
>> http:<ip address>/program. The instructions had us install certificates
>> on
>> the default website with SSL not enabled (using port 443) in the IIS.
>> SSL
>> would be enabled in IIS on the program's web site changing the program's
>> address to https://program.smith.com/program. We were then instructed to
>> add
>> a certificate to the program.  These errors we received when trying to
>> troubleshoot:
>> connecting to http://<ip address>/program resulted in having to add an
>> 's'
>> after the http.  When attempting to access the site with https://<ip
>> address>/program we got a message that the address does not match the
>> certificate.  When attempting to access the site by
>> https://program.smith.com/program we got the "cannot find server or DNS
>> error"  It turns out port 444 was closed and subsequently opened but
>> still no
>> success in getting to the site. The instructions had us obtain a
>> certificate
>> for IIS using the new address (program.smith.com). The certificate for
>> the
>> program was for the actual server domain name. Could it be that the
>> certificate names have to match? The instructions also had us check the
>> Require SSL and Ignore Client Certifictes under the program in IIS.  When
>> I
>> tried changing it in IIS to Ignore, I would get a message that this would
>> prevent everyone from accessing.
>>
>> "Bernard Cheah [MVP]" wrote:
>>
>>> No. should be similiar for IIS 5 and 6.
>>> I still don't get what's the error statement, you cert can't bind to
>>> port
>>> 444 ?
>>> have you change the binding port ? restart https service?
>>> do a netstat -an to check the status ? why not use 443 ? or ?
>>>
>>> --
>>> Regards,
>>> Bernard Cheah
>>> http://www.iis.net/
>>> http://www.iis-resources.com/
>>> http://msmvps.com/blogs/bernard/
>>>
>>>
>>> "Kansas" <Kan***@discussions.microsoft.com> wrote in message
>>> news:EC984F85-4178-498D-85A6-980B2101D7CC@microsoft.com...
>>> > Just an update.  I'm new to this and the certicicates and IIS were set
>>> > up
>>> > with version 5 instructions. It turns out port 444 was not open, so
>>> > they
>>> > opened it up. I reinstalled the RSA certificate, restarted the server
>>> > and
>>> > still was not able to connect.  Same error message as before.  We
>>> > ended up
>>> > removing the certicates and went back to the original website.  Is
>>> > there
>>> > much
>>> > of a difference installing certificates between IIS 5 and 6?  Thanks
>>> >
>>> > "Kansas" wrote:
>>> >
>>> >> We just upgraded to Server 2003 and we run a program that now
>>> >> requires
>>> >> https.
>>> >>  The certificate was installed to change the site along with the
>>> >> certificate
>>> >> to access the server.  When trying to connect to the https site, I
>>> >> get a
>>> >> page
>>> >> cannot be displayed, cannot connect to server or DNS error.  If I try
>>> >> the
>>> >> old
>>> >> way, I get the certificate does not match the web address.  When the
>>> >> program
>>> >> starts that runs the program, it shows it's listening on the secure
>>> >> port
>>> >> (444) and when I run the netstat -an command I didn't see any
>>> >> problems.
>>> >> Port
>>> >> 443 is being used by IIS. I can also connect to other SSL sites from
>>> >> the
>>> >> server. Any idea what could be causing this?  I've checked some of
>>> >> the
>>> >> other
>>> >> postings and noticed that it might be a certificate problem which
>>> >> we're
>>> >> in
>>> >> the process of doing.  Thanks
>>>
>>>
>>>
>
>