Re: Win2003 Upgrade Broke SSL?
From: Bernard (qbernard_at_hotmail.com.discuss)
Date: 02/28/05
- Next message: Bernard: "Re: httpcfg errors?"
- Previous message: Rafal W.: "Re: Web server time out, where to bump it up?"
- In reply to: JohnF: "Win2003 Upgrade Broke SSL?"
- Next in thread: David Wang [Msft]: "Re: Win2003 Upgrade Broke SSL?"
- Reply: David Wang [Msft]: "Re: Win2003 Upgrade Broke SSL?"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 28 Feb 2005 13:57:00 +0800
who is the CA of the cert ? do you installed the trusted root and
intermmediate root cert as well ?
Don't think this apply to w2k3. but you can refer it
"Certificate Services Did Not Start" Message Appears in the Event Log Even
Though the Certificate Services Component Starts Successfully
http://support.microsoft.com/?id=822626
-- Regards, Bernard Cheah http://www.tryiis.com/ http://support.microsoft.com/ http://www.msmvps.com/bernard/ "JohnF" <JohnF@discussions.microsoft.com> wrote in message news:93D0BCB4-C7CD-4499-937D-845A2A62CF95@microsoft.com... > All, > > I recently upgraded my Exchange 2000 server/Windows 2000. I installed > Exchange 2003 and then upgraded to Windows 2003 server. > > In doing so, it broke SSL. I'm not sure why or how a mere upgrade did > this, > but it did - it could be my lack of knowledge with new features in Windows > 2003 server. I do remember specifically it wasn't the upgrade to Exchange > 2003 that broke it, it was only AFTER I ran the Windows 2003 Server > upgrade > installation. IIS manager would not let me start the "default web page", > which housed our intranet, because it could not start SSL on port 443. > Because we don't use SSL and only use internal webpages, I simply changed > the > port to 444 in the interim. After applying this change, the IIS service > would > then start, and it would serve both the Intranet and OWA fine. It has been > working fine like this, without SSL on 443, for a couple of months. > > I have since discovered that some other service (?) might be starting > before > IIS, and is binding the SSL port (0.0.0.0:443) first. It might be "locking > out" IIS from starting properly when you leave SSL on its default port of > 443. If you do a netstat, you discover port 443 is listening, which I'm > assuming is the problem. > > My problem is now I want to enable SSL on port 443, and I'm still not sure > what's stopping it from doing so. Because I've never needed to use SSL, > I've > not bothered fixing it, but I need it now. I need to get IIS running the > default web page on port 443 and not on my temporary fix of port 444. > > If you have any ideas or suggestions, or have indeed experienced this > problem when upgrading Exchange 2000 - Exchange 2003, I'd love to hear > from > you. Googling has given me few clues. > > Thanks. > > PS running SSL diags reveals the following problem if this helps. (it is a > hp server) > > Verifying server certificate, it might take a while... > #WARNING:Error 0x800b0109 : A certificate chain processed, but terminated > in > a root certificate which is not trusted by the trust provider > Server certificate name: 10.1.1.1 > Server certificate subject: C=US, O=Hewlett-Packard Company, CN=10.1.1.1 > Server certificate issuer: C=US, O=Hewlett-Packard Company, CN=10.1.1.1 > Server certificate validity: From 2/16/2004 4:03:45 PM To 2/13/2014 > 4:03:45 PM > > >
- Next message: Bernard: "Re: httpcfg errors?"
- Previous message: Rafal W.: "Re: Web server time out, where to bump it up?"
- In reply to: JohnF: "Win2003 Upgrade Broke SSL?"
- Next in thread: David Wang [Msft]: "Re: Win2003 Upgrade Broke SSL?"
- Reply: David Wang [Msft]: "Re: Win2003 Upgrade Broke SSL?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
