From: BHMod on
Approximately 3 months ago I set up a new Windows Server 2008 (non-R2) web
server running two sites with SSL services under IIS7. These sites have run
very reliably and are virtually downtime free. The server is fully patched
and current, and has been scanned several times over the past couple of days
for viruses or rootkits, all of which came back clean.

Last week I was asked to add a third website to the server. We bound the
additional IP address, set up the web services, and bound the new web
certificate to that service. Within hours of transitioning the new site to
the server, we received a call that the "site was down". I discovered that
the site was responding correctly on port 80, but that SSL services on 443
were totally dead for that instance. SSL services continued to work properly
for the other two sites on the server. The error log showed no entries.

I first attempted to restart that web service, which did not help, and then
restarted the entire IIS service (taking three production sites offline),
which also did not help, and then restarted the entire computer, which still
did not resolve the problem. I eventually went into the bindings for the
site, unbound the SSL services, and then re-created the binding. That solved
the problem, and the SSL services for the site came right back up.

For a day or two anyway. We have now experienced this problem three times in
five days, all with the new site. The old ones continue to operate without
issue.

Has anyone seen anything like this before?

From: Jeffrey Ingalls on
I have seen this issue in earlier versions of IIS and the cause was due to
corruption/bad values in the metabase for the bindings. Try running the SSL
Diagnostics for IIS 7.0:

http://blogs.msdn.com/vijaysk/archive/2009/09/20/ssl-diagnostics-tool-for-iis-7.aspx

If the report doesn't generate any error messages please post back and we
can dig a little deeper.

All the best,
Jeffrey Ingalls

"BHMod" wrote:

> Approximately 3 months ago I set up a new Windows Server 2008 (non-R2) web
> server running two sites with SSL services under IIS7. These sites have run
> very reliably and are virtually downtime free. The server is fully patched
> and current, and has been scanned several times over the past couple of days
> for viruses or rootkits, all of which came back clean.
>
> Last week I was asked to add a third website to the server. We bound the
> additional IP address, set up the web services, and bound the new web
> certificate to that service. Within hours of transitioning the new site to
> the server, we received a call that the "site was down". I discovered that
> the site was responding correctly on port 80, but that SSL services on 443
> were totally dead for that instance. SSL services continued to work properly
> for the other two sites on the server. The error log showed no entries.
>
> I first attempted to restart that web service, which did not help, and then
> restarted the entire IIS service (taking three production sites offline),
> which also did not help, and then restarted the entire computer, which still
> did not resolve the problem. I eventually went into the bindings for the
> site, unbound the SSL services, and then re-created the binding. That solved
> the problem, and the SSL services for the site came right back up.
>
> For a day or two anyway. We have now experienced this problem three times in
> five days, all with the new site. The old ones continue to operate without
> issue.
>
> Has anyone seen anything like this before?
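
A check for the symptom described in this thread, as an added example that is not part of either post: it compares each site's https bindings with the IP:port certificate entries held by HTTP.sys and lists the bindings that have no entry. It assumes the outage corresponds to a missing HTTP.sys entry, which the thread does not confirm; the function name, site names and addresses are constructed, and IPv6 bindings are not handled.

```powershell
# Added example. Sample input below is constructed (documentation-range IPs).
# Live input, from an elevated prompt:
#   $appcmd = & "$env:windir\system32\inetsrv\appcmd.exe" list sites
#   $netsh  = netsh http show sslcert
function Get-HttpsBindingWithoutCert {
    param([string[]]$AppCmdLines, [string[]]$NetshLines)

    # Endpoints for which HTTP.sys holds a certificate ("IP:port : a.b.c.d:443").
    $withCert = @()
    foreach ($line in $NetshLines) {
        if ($line -match '^\s*IP:port\s*:\s*(\S+)\s*$') { $withCert += $Matches[1] }
    }

    foreach ($line in $AppCmdLines) {
        if ($line -match '^SITE "([^"]+)" \(id:\d+,bindings:(.*),state:\w+\)') {
            $site = $Matches[1]
            $bindings = $Matches[2].Split(',')
            foreach ($b in $bindings) {
                # IIS binding format: protocol/ip:port:hostheader (IPv4 or * only here)
                if ($b -match '^https/([^:]+):(\d+):') {
                    $ip = $Matches[1]; $port = $Matches[2]
                    if ($ip -eq '*') { $ip = '0.0.0.0' }
                    $exact    = '{0}:{1}' -f $ip, $port
                    $wildcard = '0.0.0.0:{0}' -f $port
                    # Treated as covered by an exact entry or the 0.0.0.0 fallback.
                    if (($withCert -notcontains $exact) -and
                        ($withCert -notcontains $wildcard)) {
                        New-Object PSObject -Property @{ Site = $site; Endpoint = $exact }
                    }
                }
            }
        }
    }
}

# Constructed sample: three sites, but only two certificate entries in HTTP.sys.
$appcmd = @(
    'SITE "SiteA" (id:1,bindings:http/192.0.2.10:80:,https/192.0.2.10:443:,state:Started)',
    'SITE "SiteB" (id:2,bindings:http/192.0.2.20:80:,https/192.0.2.20:443:,state:Started)',
    'SITE "SiteC" (id:3,bindings:http/192.0.2.30:80:,https/192.0.2.30:443:,state:Started)'
)
$netsh = @(
    '    IP:port                 : 192.0.2.10:443',
    '    Certificate Hash        : <placeholder>',
    '    IP:port                 : 192.0.2.20:443',
    '    Certificate Hash        : <placeholder>'
)
Get-HttpsBindingWithoutCert -AppCmdLines $appcmd -NetshLines $netsh
```

Run on a schedule, a non-empty result gives a timestamp for when the entry disappeared, which can then be lined up with other changes on the server.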