3

I am having problems accessing a website, that recentely got SSL-security, on the server side.

Accessing the website like normal is not a problem, but when I try to open the website on the server that hosts it - it simply will not open.

This is not the only site on this server and I can access all of them, except the ones that has SSL security.

This causes a problem because the website in question contains an API-service and some of the other sites need to connect to this API.

But connecting to this website through xmlHttpRequest (and other such codes) is not working.

I would prefer not to have to rewrite all the codes for these other sites, when all the functionality is available in the API. (This would also mean making changes in so many different places as the services evolve and change.)

What can cause this problem and how do I fix it?

EDIT: There is another SSL-secured site on this server, and I was misinformed about its status. This other website can be accessed on the server side. I will go through all settings on the IIS and firewall on the server to find why they behave differently.

EDIT: I've found a solution by changing the rewrite rule - which forces the use of https - to not apply to the internal address (127.0.0.1). I am now able to access the website from the server-side.

This does not solve the problem, it is just a temporary fix to avoid the problem.

Levi
  • 185
  • 1
  • 2
  • 9

2 Answers2

1

If you access your site by name localhost and when your SSL certificate is configured to a hostname (or some other name), your client may refuse to connect to it. It is difficult to say how to fix the problem without knowing the specifics, but you can either try making your requests with the same name that is in the SSL certificate or try turning off client server validation, but then you lose the security SSL is providing.

isido
  • 61
  • 4
  • I am not trying to connect through anything like "localhost". I've found a possible solution though; check my last edit. – Levi Apr 08 '14 at 11:10
  • What error message you get, when trying to connect from client? Some clients, like curl doesn't accept self-signed certificates by default which browsers do (although not without complaining). – isido Apr 08 '14 at 15:43
  • The certificates are not self-signed, they are from GoDaddy. I get **This page can't be displayed** in IE and **Website not available** in Chrome (these are translated by me) - this is when I try to access the website on the server that hosts the site. On any other computer, I can access the website. – Levi Apr 10 '14 at 09:58
  • Ok. What happens with `https://localhost` and `https://127.0.0.1` ?(If the latter works, then its's probably ipv6 issue) Also, can you get more detailed error code from IIS logs: http://support.microsoft.com/kb/318380/en-us ? – isido Apr 10 '14 at 18:24
  • None of those work, the website cannot be accessed without the domain-name in the header (whatever this is called). This is because there are multiple websites on this server, and some are on the same port. – Levi Apr 11 '14 at 11:57
1

Can add hosts entry for the website and access it using domain name. This way the SSL handshake will work

Karthik
  • 114
  • 4
  • You mean by editing the `c:\Windows\System32\Drivers\etc\hosts` file? How would such an entry look like? – Levi Jun 15 '17 at 20:50
  • This issue was avoided by making an exception in the rewrite rules for IP 127.0.0.1. That has been the _solution_ since I posted this, and we simply forgot about it. The problem resurfaced a month ago, and I've learned to use the hosts file, so I solved it using your suggestion. I've therefore marked this as the correct answer. Thanks :) – Levi Dec 24 '19 at 16:32