Using SNI on Windows Server 2012 R2 not working

sni iis windows-server-2012-r2
7,088

Answering this on behalf of Shane Madden and s093294

Shane: I wonder if the non-SNI bind on that IP is making a difference for some reason.. Any change if that binding is disabled?

s093294: Okay. That was the problem. I removed it with netsh http delete. Now I just need to figure out why it was there in the first place. Its an automated setup that deploys a machine on azure cloud services.

Share:
7,088

Related videos on Youtube

Poul K. Sørensen
Author by

Poul K. Sørensen

https://www.linkedin.com/in/pksorensen/ I can provide you with Azure, D365 and Sharepoint consultants. I work myself with Azure :)

Updated on September 18, 2022

Comments

  • Poul K. Sørensen
    Poul K. Sørensen almost 2 years

    enter image description here

    I am trying to get both my sites running with their seperate certificates on a Windows Server 2012 R2.

    Should this not be possible?

    On the last added site www.c1get.net I get the certificate from the first site and a warning therefore.

    Update

    SSL Certificate bindings:
-------------------------

    IP:port                      : 0.0.0.0:443
    Certificate Hash             : fabae896e032f9ba08b389d8c9ecd33908fabe31
    Application ID               : {4dc3e181-e14b-4a21-b022-59fc669b0914}
    Certificate Store Name       : My
    Verify Client Certificate Revocation : Enabled
    Verify Revocation Using Cached Client Certificate Only : Disabled
    Usage Check                  : Enabled
    Revocation Freshness Time    : 0
    URL Retrieval Timeout        : 0
    Ctl Identifier               : (null)
    Ctl Store Name               : (null)
    DS Mapper Usage              : Disabled
    Negotiate Client Certificate : Disabled

    IP:port                      : 100.88.158.59:443
    Certificate Hash             : 09ee7268be2509e3262dcae9df10563dce265bd3
    Application ID               : {4dc3e181-e14b-4a21-b022-59fc669b0914}
    Certificate Store Name       : MY
    Verify Client Certificate Revocation : Enabled
    Verify Revocation Using Cached Client Certificate Only : Disabled
    Usage Check                  : Enabled
    Revocation Freshness Time    : 0
    URL Retrieval Timeout        : 0
    Ctl Identifier               : (null)
    Ctl Store Name               : (null)
    DS Mapper Usage              : Disabled
    Negotiate Client Certificate : Disabled

    Hostname:port                : owindemo.s-innovations.net:443
    Certificate Hash             : 09ee7268be2509e3262dcae9df10563dce265bd3
    Application ID               : {4dc3e181-e14b-4a21-b022-59fc669b0914}
    Certificate Store Name       : My
    Verify Client Certificate Revocation : Enabled
    Verify Revocation Using Cached Client Certificate Only : Disabled
    Usage Check                  : Enabled
    Revocation Freshness Time    : 0
    URL Retrieval Timeout        : 0
    Ctl Identifier               : (null)
    Ctl Store Name               : (null)
    DS Mapper Usage              : Disabled
    Negotiate Client Certificate : Disabled

    Hostname:port                : demo009.s-innovations.net:443
    Certificate Hash             : 09ee7268be2509e3262dcae9df10563dce265bd3
    Application ID               : {4dc3e181-e14b-4a21-b022-59fc669b0914}
    Certificate Store Name       : My
    Verify Client Certificate Revocation : Enabled
    Verify Revocation Using Cached Client Certificate Only : Disabled
    Usage Check                  : Enabled
    Revocation Freshness Time    : 0
    URL Retrieval Timeout        : 0
    Ctl Identifier               : (null)
    Ctl Store Name               : (null)
    DS Mapper Usage              : Disabled
    Negotiate Client Certificate : Disabled

    Hostname:port                : www.s-innovations.net:443
    Certificate Hash             : 09ee7268be2509e3262dcae9df10563dce265bd3
    Application ID               : {4dc3e181-e14b-4a21-b022-59fc669b0914}
    Certificate Store Name       : My
    Verify Client Certificate Revocation : Enabled
    Verify Revocation Using Cached Client Certificate Only : Disabled
    Usage Check                  : Enabled
    Revocation Freshness Time    : 0
    URL Retrieval Timeout        : 0
    Ctl Identifier               : (null)
    Ctl Store Name               : (null)
    DS Mapper Usage              : Disabled
    Negotiate Client Certificate : Disabled

    Hostname:port                : www.c1get.net:443
    Certificate Hash             : fabae896e032f9ba08b389d8c9ecd33908fabe31
    Application ID               : {4dc3e181-e14b-4a21-b022-59fc669b0914}
    Certificate Store Name       : My
    Verify Client Certificate Revocation : Enabled
    Verify Revocation Using Cached Client Certificate Only : Disabled
    Usage Check                  : Enabled
    Revocation Freshness Time    : 0
    URL Retrieval Timeout        : 0
    Ctl Identifier               : (null)
    Ctl Store Name               : (null)
    DS Mapper Usage              : Disabled
    Negotiate Client Certificate : Disabled
  • bbRLdev
    bbRLdev over 7 years
    Had the same issue with Azure cloud service deploy and SNI config. I know it's very old quesiton, but any luck with figuring out what was the reason for default records in netsh http sslcert?
  • Lex Li
    Lex Li almost 4 years
    Sounds like a comment, not an answer.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

"Object named IIS_IUSRS could not be found" when adding user to PHP sessions directory iis 8
IIS welcome page not working from the local Machine
Can't remove iis from Windows Server 2012 R2
Can't start IIS website on port 443, even though netstat shows nothing listening on 443
Trying to start app pool via Powershell Script - getting error intermittently
Can't connect to IIS site on network IP
Serve websites from multiple servers behind a single IP
How to enable incoming and outgoing world wide web traffic in IIS
How can I debug Windows server 2016 IIS "ERROR 404 - File or directory not found"
What happened to the ASP.NET account in Windows Server 2012 R2 and IIS 8.5?