Quantcast
Channel: All Forums
Viewing all 27852 articles
Browse latest View live

How to configure a default web site for https using SNI and CCS

0
0

Hi,

We use IIS8.5 with only the default web site configured, but with thousands of domains pointing to it on the same load-balanced IP.

We are planning to offer https (SSL) for all these thousands of domains. All .pfx certificates will be stored in a Central Certificate Store (CCS) and will bound to the same web site, using the same IP, thanks to the Server Name Indication (SNI) feature.

SNI and CCS works fine for this purpose, but only if we add a explicit bidding for each domain in the default web site, which is not practical for thousands of domains:

<site name="Default Web Site" id="1">
<application path="/">
<virtualDirectory path="/" physicalPath="%SystemDrive%\inetpub\wwwroot" />
</application>
<bindings>
<binding protocol="http" bindingInformation="*:80:" />
<binding protocol="https" bindingInformation="*:443:www.domain1.com.br" sslFlags="3" />
<binding protocol="https" bindingInformation="*:443:www.domain2.com.br" sslFlags="3" />
<binding protocol="https" bindingInformation="*:443:www.domain3.com.br" sslFlags="3" />
...
...
...
<binding protocol="https" bindingInformation="*:443:www.otherdomain9998.com.br" sslFlags="3" />
<binding protocol="https" bindingInformation="*:443:www.otherdomain9999.com.br" sslFlags="3" />
...
</bindings>
</site>


I tryed to configure a default https protocol binding, in the same way of the default http protocol binding and using sslFlags="3", which means SNI+CCS:

<site name="Default Web Site" id="1">
<application path="/">
<virtualDirectory path="/" physicalPath="%SystemDrive%\inetpub\wwwroot" />
</application>
<bindings>
<binding protocol="http" bindingInformation="*:80:" />
<binding protocol="https" bindingInformation="*:443:" sslFlags="3" />
</bindings>
</site>

With the above configuration, no SSL certificate is served to any browser.

Is ther any other way of configuring a default web site for https using SNI and CCS?

I would really appreciate any help in pointing me to the right direction.

Thank you!

Guilherme


How to find any server in the domain that is running IIS any version?

0
0

Hello,

We are needing to be able to identify any server class machine in the domain that is running IIS.

This could be within the Active Directory domain and a workgroup.

Does anyone have a way to search AD for this using the ADUC or a powershell script?

 

Thanks in advance

403 error when I use APPCMD to create site ON IIS 8.5

0
0

Hi all,

I tried to create a site with follow CMD:  

Appcmd add site /name:"test.constco.com" /id:2099 /bindings:http://test.constco.om:80 /physicalPath:"E:\wwwroot\test.constco.com"

it's success to create the site.   then change applicationpool

appcmd set site /site.name:"test.constco.com" /[path='/'].applicationPool:testcon.com,   also done.

but when I try to access url:  test.constco.com  ,   the page was showing 403 Error-Forbidden:Access is denied.

So i removed this website,  and create site one by one by IIS8.5 management tools,    then I can access  URL.

I dont know what different for these.

any help?

thanks

wildcard & Urlrewriting

0
0

hi.i active my Wildcard with add an A record with a * in my domain.when i enter an arbitrary subdomain,browser open this page(use thishttp://a.khabareani.ir/ if don't have image)

i need a url rewriting(i'm not sure.i think)for redirect this page into my main page.plz help me for this url rewriting.i want use wildcard.

IIS - rewrite rule based on server variable

0
0

is it possible to create rewrite rule in IIS based on server variable matching (instead of URL matching)?

something like this

if servervariable="{HTTP_DISGUISED_HOST}" is matching "abc",

rewrite url="http://www.anothersite.com/{R:0}"

thanks in advance

Rule re-enabled after publishing application?!

0
0

Hey folks!

I've got a problem with my URL Rewriting (which is just a redirect to SSL on the same pages)

Some of my applications in the Default Web do have the SSL Rule enabled and some have them explicit disabled. Default is enabled.

If I publish a new Version of any Application to its folder (via Filesystem publish in Visual Studio) the Rule in IIS will set back to its Default Rule Value.

Is there any way to stop this and save the value from before publish?

I'm using IIS8.5 + URL Rewrite 2

Thanks in advance!

MVC4 File Upload Error in IIS

0
0

Hi..

After deploying MVC4 Application in IIS8, while uploading excel file to File Upload i am getting the error

the 'microsoft.jet.oledb.4.0' provider is not registered on the local machine in iis

..Even if i enable 32.bit true, App Pool stops. but it running properly with visual studio

IIS 7.5 FTP over SSL error with TLS 1.2

0
0

Hi together,

there is a issue with TLS 1.2, FTP over TLS/SSL and IIS.

The good is, MS released an update for IIS 8: http://support.microsoft.com/kb/2888853/

The bad is, all prior IIS versions are affected but there is no patch for it.

Some details (beside the support article) are described and discussed here: https://forum.filezilla-project.org/viewtopic.php?t=27898

So i hope for a fix in the near future (cause there must be a code base that can be backported), what can i do in the meantime? Is there a way to activate/deactivate TLS per site not machine level? So i can disable TLS 1.2 for the FTP site but not the HTTPS sites...

Kind reagards


Moodle 2.7 Installation Problem

Can't access FTP using "Map Network Drive" via IIS in Server 2012

0
0

Hi all,

Need help!!
I have 2 Servers (consider the names as A & B) in my environment both running with Server 2012 Std Editions, with IP's in 192.168.235.X ranges

All I want is to set up a FTP Server.
Hence I have installed the IIS, FTP roles and services properly in the Server A. The firewall ports and all are opened for port 21. I was able to set up the FTP Server successfully in this Server A.

The main issue is described as below:
I have shared a folder from the Server B and mapped shared drive as X in Server A. I have added the Administrator and Everyone as security groups. So, I have created another FTP site and pointed the mapped network drive X as the destination of this newly created FTP site.

While I try to access the newly FTP site via IE, ftp://192.168.253.X im getting authentication prompt.
"To log on to this FTP Server, type a user name and password"
I have tried the Admin user name and password but still its not accepting the same also tried by checking the anonymous authentication on but still the same.

FTP Authentication - Anonymous Authentication - Allowed
FTP Authorization Rules -  Anonymous Users - Allowed

So, in general I would like to know the reason why the FTP Server is not working when I changed the destination to the mapped drive while it was working for the local drive which was present in the same Server.

Thanks in advance,
Qucik reponses are much appriciated

Working process can't access site root folder

0
0

I have two servers (Windows Server 2008 R2), one for testing, and one for staging/production areas. My web application uses NLog library for logging.

When I create a new site on the test server and then publish web-app to it, NLog is able to log into site's '{root}\log' folder. However, when publishing to production/staging server, NLog throws exception that it can't access to '{root}\log'.

In site root folder security settings on both servers I see a 'user' named after sites' application pool name, both only have access to read this folder. But on the test server web-app is able to actually write it's log there, when on the staging/production server I have to give to that application pool's 'user' full access to the site root folder for it to be able to write its log.

Why is that difference could be? My test server has mostly default settings, but I can't know what settings could have been applied to the staging/production one.

W3wp.exe goes to 98% when outputing response

0
0

Hi,

We have an application that has been running fine on windows 2003, .Net 4.0 and IIS 6 for several years.  After moving to windows 2008 R2 and IIS 7.5 a problem showed up.  When outputting a particular html page, intermittently, the page will display a portion of the response and the w3wp.exe process goes to 98 % and locks up the windows server.  I have discovered that if I comment out one line of the page output, "<span id=""mode"" style='display:none'></span>", the page will display properly.  Unfortunately, this one line is used for a lot of purposes in the application and is crucial.

Does anyone have any idea what might be causing the problem?

Thanks.

Is this the correct way to run multiple websites on a local domain?

0
0

Hi,

I've created a test domain called (test.com), and I would like to know if this is the correct way of setting up the running of an internal Web Server?

e.g

My DC (DC.test.com) is acting as my DNS Server, and I have a separate Web Server called (WS1.test.com)

I have installed IIS on the Web Server, and created three websites called, (website1, website2, website3), with their own application pools.

Then I set the binding of each site to (website1.test.com, website2.test.com, website3.test.com) etc.

And finally created an alias for each of the sites that points to the CName of the WebServer.

e.g website1.test.com points to WS1.test.com

Everything works, and I can view each of the sites in IE by typing http://website1.test.com,http://website2.test.com,  http://website3.test.com, etc.

Is this how it should be done, or am I missing anything?

I noticed that if I delete the CName record in DNS I can't view the sites in IE. So I guess that the CNames records are required.

Thanks

WebPlatformInstaller download links broken for Windows Fabric V1 CU1 Dependency

0
0

Am trying to install SERVICEBUS Server 1.1 using WebPlatform installer and am running into issues with blob location not found:

DownloadManager Information: 0 : Content-Encoding header: 'gzip'
DownloadManager Information: 0 : Number of bytes downloaded over the internet: '22146'
DownloadManager Information: 0 : Number of bytes after possible decompression: '74242'
DownloadManager Warning: 0 : Error getting last-modified header, error code: 12150
DownloadManager Warning: 0 : HttpQueryInfoWithRetry for HTTP_QUERY_LAST_MODIFIED failed.
DownloadManager Information: 0 : Ratings file loaded successfully

DownloadManager Error: 0 : WebClient download error. Uri: http://dpetrainingkits.blob.core.windows.net/shared/EnterpriseDevCamps.png, Error: System.Net.WebException: The remote server returned an error: (404) Not Found.
   at System.Net.WebClient.DownloadFile(Uri address, String fileName)
   at Microsoft.Web.PlatformInstaller.UI.DownloadServiceImplementation.DownloadFile(Uri uri, String filePath)
DownloadManager Information: 0 : http://dpetrainingkits.blob.core.windows.net/shared/EnterpriseDevCamps.png responded with 404
DownloadManager Information: 0 : Response headers:
HTTP/1.1 404 The specified blob does not exist.
Content-Length: 215
Content-Type: application/xml
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e86767c8-cf3a-4992-92cd-18acacdf3ffc
x-ms-version: 2009-09-19
Date: Fri, 22 Aug 2014 17:16:30 GMT


DownloadManager Error: 0 : WinInet download error. Uri: http://dpetrainingkits.blob.core.windows.net/shared/EnterpriseDevCamps.png, Error: System.Net.WebException: Url 'http://dpetrainingkits.blob.core.windows.net/shared/EnterpriseDevCamps.png' returned HTTP status code: 404
   at Microsoft.Web.PlatformInstaller.ManagedWinInet.OpenUrlAndFollowRedirects(Uri& uri, IntPtr& hInetFile)
   at Microsoft.Web.PlatformInstaller.ManagedWinInet.DownloadFile(Uri uri, String fileName, String& contentDispositionFileName)
   at Microsoft.Web.PlatformInstaller.UI.DownloadServiceImplementation.DownloadFile(Uri uri, String filePath)
DownloadManager Information: 0 : Adding product Windows Azure Pack: Service Bus 1.1 (ServiceBus_1_1) to cart
DownloadManager Information: 0 : Dependent product VC11Redist_x64 does not apply for current OS / configuration. Not adding
DownloadManager Information: 0 : Dependent product VC11Redist_x64 does not apply for current OS / configuration. Not adding
DownloadManager Information: 0 : Dependent product VC11Redist_x64 does not apply for current OS / configuration. Not adding
DownloadManager Information: 0 : Adding product 'ServiceBus_1_1'

ARR Helper (for IIS8)

0
0

Good day,

I know this was a separate application developed to help out with the mapping of "Forwarded_For" IPs to replace the C-IP, so that remote addresses would be passed through.

Sadly it looks like that developer has left MS and it seems that project has been abandoned, is there any chance a client can be put together to facilitate this again for IIS8 systems (where the AAR-help for IIS7 no longer functions as expected)?

I see a lot of people posting about it and I'm sure it will help with driving more people to use this if there was a available tool for it.


Load balancing on different ports on same server

0
0

Trying to use IIS ARR to load balance the requests, unfortunately we have only one server in production, and the services are deployed to the server listening on different ports, i.e. 8081,8082,8083. I tried to edit the hosts file with '127.0.0.1         MySite1 MySite2 MySite3' then later creates a farm with MySite1, MySite2 and MySite3 under different ports. However, keep getting the message 'The request cannot be routed because it has reached the Max-Forwards limit.'

How to make this work, thanks in advance!!

URL Rewrite for SSL redirection

0
0

Can URL Rewrite be used to change http: to https: for directories on my site which require ssl? If not, does anybody have any suggestions on how to achieve this?

Thanks in advance.

Ok

Problem parsing .aspx on IIS7 for external Clients (shows sourcecode)

0
0

My Problem is, that calling an .aspx Page from EXTERNAL it shows only the Sourcecode instead of parsing it.

INTERNAL (localhost) it works perfect !!!!!

SO Here ist my Setting:

Windows Server 2008, IIS7, Plesk 11

For the Domain it is ASP.NET v4.0.30319 aktivated (Classic Mode). First it was in Integrated mode, and i had Internal Server Error 500 (Pipline problem) but i solved that. And YES it is registered with IIS (aspnet_regiis).

I tried nearly everything except the topic all around authentication/authentification/userroles (webuser are not allowed to use the .apsx interpreter ?). Maybe there is the solution, but i dont know how to fix that.

Here is my web.config:

<?xml version="1.0" encoding="UTF-8"?><configuration><system.webServer><staticContent><mimeMap fileExtension=".asul" mimeType="text/xml" /><mimeMap fileExtension=".mz3" mimeType="text/xml" /></staticContent><security><requestFiltering><requestLimits maxAllowedContentLength="2000000000" /></requestFiltering></security><handlers accessPolicy="Read, Execute, Script"><clear /><add name="php-5.4.15" path="*.php" verb="GET,HEAD,POST" modules="FastCgiModule" scriptProcessor="C:\Program Files (x86)\Parallels\Plesk\Additional\PleskPHP54\php-cgi.exe" resourceType="Either" requireAccess="Script" /><add name="Plesk_Handler_0661262403" path="*.asp" verb="GET,HEAD,POST,TRACE" modules="IsapiModule" scriptProcessor="c:\windows\system32\inetsrv\asp.dll" resourceType="Either" /><add name="Plesk_Handler_0661262489" path="*.cer" verb="GET,HEAD,POST,TRACE" modules="IsapiModule" scriptProcessor="c:\windows\system32\inetsrv\asp.dll" resourceType="Either" /><add name="Plesk_Handler_0661262490" path="*.asa" verb="GET,HEAD,POST,TRACE" modules="IsapiModule" scriptProcessor="c:\windows\system32\inetsrv\asp.dll" resourceType="Either" /><add name="Plesk_Handler_0661262491" path="*.cdx" verb="GET,HEAD,POST,TRACE" modules="IsapiModule" scriptProcessor="c:\windows\system32\inetsrv\asp.dll" resourceType="Either" /><add name="Plesk_Handler_0661262492" path="*.ashx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="c:\windows\microsoft.net\framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" /><add name="Plesk_Handler_0661262493" path="*.asmx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="c:\windows\microsoft.net\framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" /><add name="Plesk_Handler_0661262494" path="*.aspx" verb="*" modules="IsapiModule" scriptProcessor="C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" resourceType="Either" requireAccess="Script" /><add name="Plesk_Handler_0661262495" path="*.rem" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="c:\windows\microsoft.net\framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" /><add name="Plesk_Handler_0661262496" path="*.soap" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="c:\windows\microsoft.net\framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" /><add name="Plesk_Handler_0661262497" path="*.php" verb="GET,HEAD,POST" modules="CgiModule" scriptProcessor="c:\program files (x86)\parallels\plesk\additional\pleskphp5\php-cgi.exe" resourceType="Either" /><add name="Plesk_Handler_0661262498" path="*.php3" verb="GET,HEAD,POST" modules="CgiModule" scriptProcessor="c:\program files (x86)\parallels\plesk\additional\pleskphp5\php-cgi.exe" resourceType="Either" /><add name="Plesk_Handler_0661262499" path="*.phtml" verb="GET,HEAD,POST" modules="CgiModule" scriptProcessor="c:\program files (x86)\parallels\plesk\additional\pleskphp5\php-cgi.exe" resourceType="Either" /><add name="Plesk_Handler_0661262500" path="*.cgi" verb="GET,HEAD,POST" modules="CgiModule" scriptProcessor="c:\program files (x86)\parallels\plesk\additional\perl\bin\perl.exe &quot;%s&quot; %s" resourceType="Either" /><add name="Plesk_Handler_0661262501" path="*.pl" verb="GET,HEAD,POST" modules="CgiModule" scriptProcessor="c:\program files (x86)\parallels\plesk\additional\perl\bin\perl.exe &quot;%s&quot; %s" resourceType="Either" /><add name="Plesk_Handler_0661262502" path="*.plx" verb="GET,HEAD,POST" modules="IsapiModule" scriptProcessor="c:\program files (x86)\parallels\plesk\additional\perl\bin\perlis.dll" resourceType="Either" /><add name="Plesk_Handler_0661262503" path="*.py" verb="*" modules="CgiModule" scriptProcessor="c:\program files (x86)\parallels\plesk\additional\python\python.exe -u &quot;%s&quot; %s" resourceType="Either" /><add name="Plesk_Handler_0661262504" path="WebResource.axd" verb="GET,DEBUG" modules="IsapiModule" scriptProcessor="c:\windows\microsoft.net\framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" /><add name="Plesk_Handler_0661262505" path="trace.axd" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="c:\windows\microsoft.net\framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" /><add name="Plesk_Handler_0661262506" path="WebAdmin.axd" verb="GET,DEBUG" modules="IsapiModule" scriptProcessor="c:\windows\microsoft.net\framework\v2.0.50727\aspnet_isapi.dll" resourceType="Unspecified" /><add name="Plesk_Handler_0661262509" path="*.dll" verb="*" modules="IsapiModule" resourceType="File" requireAccess="Execute" allowPathInfo="true" /><add name="Plesk_Handler_0661262510" path="*.exe" verb="*" modules="CgiModule" resourceType="File" requireAccess="Execute" allowPathInfo="true" /><add name="StaticFile" path="*" verb="*" modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule" resourceType="Either" /></handlers><defaultDocument><files><clear /><add value="Index.html" /><add value="Index.htm" /><add value="Index.cfm" /><add value="Index.shtml" /><add value="Index.shtm" /><add value="Index.stm" /><add value="Index.php" /><add value="Index.php3" /><add value="Index.asp" /><add value="Index.aspx" /><add value="Default.htm" /><add value="Default.asp" /><add value="Default.aspx" /></files></defaultDocument><httpErrors errorMode="Detailed" /></system.webServer><system.web><identity impersonate="true" /></system.web></configuration>

Thx in forward (and sorry for english *g*)

<div id="dc_vk_code" style="display: none;"></div>

Https with URL rewrite

0
0

I recently bought SSL for my website and wanted to create a section within the site in the form of https://secure.mydomain.com/member/upgrade.aspx. However, I am having a hard time solving this issue since currently my website URL rewrite prohibits any subdomain and the user is logged out if he or she gets transferred to the above link. I am thinking perhaps I should have bought the wild card ssl instead of for a specific subdomain.

I have search online and found some good information such as dynamically create the url without actually creating a subdomain in IIS.

Question: 1. What steps are needed to achieve the objective above?

Thank you.

Viewing all 27852 articles
Browse latest View live




Latest Images