
The incorrect localhost certificate is being served by IIS

OK, I have an SSL issue that I can't seem to get past on this 1 Win7 x64 machine. I have been using self-signed certs for years and even blogged about them before, so I have experience. However, something is happening that I can't figure out this time.

I have (2) localhost SSL certs created and installed on my machine.

  1. localhost (friendly name) issued and created in IIS (7.5). It contains the 'Issued To' and 'Issued By' values of my machine name: 'DevMachine123'. This is the certificate being served up for applications configured under the 'Default Web Site' in IIS.
  2. localhost SSL certificate created using makecert.exe tool where CN=localhost (common name) was used. It contains the 'Issued To' and 'Issued By' values of 'localhost'. This is the SSL cert I want served up in IIS for my applications configured under the 'Default Web Site'.

The error I'm getting is:

'The security certificate presented by this website was issued for a different website's address.'

When I view the certificate being served up from the IE browser: it shows the localhost cert issued to 'DevMachine123' is being used and not the localhost issued to localhost (#2 above) which should resolve this issue. Hence the name mismatch because 'DevMachine123' does not match 'localhost'.

Another point to make; my certificates have been added to 'Trusted Root Certification Authorities' so they both are trusted certificates.

Last point to make, I checked the https port 443 Binding configuration for the 'Default Web Site' on my machine in IIS. I view the certificate and it shows the correct localhost certificate is bound (#2 above with CN=localhost).

I feel that I have covered my bases here (yes I have seen this and this so please do not re-post). What am I missing here?

Thanks!

atconway asked Oct 12 '12 19:10


1 Answer

I had a similar issue and had also gone through the checks you mentioned above for the site bindings. I ran the following netsh command:

netsh http show sslcert

This showed me two SSL Certificate bindings. One on IP:Port 0.0.0.0:443 with the correct certificate and one on IP:Port [::]:443 with an expired certificate. I opened CertMgr.msc for the Local Computer (see here for instructions) and searched for the invalid certificate and discovered it had expired.

To resolve the issue I did the following:

  1. netsh http delete sslcert ipport=[::]:443
  2. iisreset /restart
IsolatedStorage answered Sep 25 '22 09:09
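
The check described in the answer, as an added PowerShell example (not code from the original answer): it parses `netsh http show sslcert` output, reports the state of each bound certificate, and flags ports whose 0.0.0.0 and [::] bindings reference different certificates. The sample output and its hashes are constructed, `Get-SslBinding` is a hypothetical helper name, and the lookup assumes the bindings use the Local Computer Personal (MY) store.

```powershell
# Added example. $sample is constructed text in the layout printed by
# `netsh http show sslcert`, trimmed to the fields read here; hashes are placeholders.
$sample = @'
SSL Certificate bindings:
-------------------------

    IP:port                      : 0.0.0.0:443
    Certificate Hash             : 1111111111111111111111111111111111111111
    Certificate Store Name       : MY

    IP:port                      : [::]:443
    Certificate Hash             : 2222222222222222222222222222222222222222
    Certificate Store Name       : MY
'@ -split "`r?`n"

function Get-SslBinding {
    param([string[]]$Lines)
    $current = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*IP:port\s*:\s*(.+?):(\d+)\s*$') {
            if ($current) { $current }   # emit the previous binding
            $current = New-Object PSObject -Property @{
                Address = $Matches[1]; Port = [int]$Matches[2]; Thumbprint = $null }
        } elseif ($current -and $line -match '^\s*Certificate Hash\s*:\s*([0-9a-f]+)\s*$') {
            $current.Thumbprint = $Matches[1].ToUpper()
        }
    }
    if ($current) { $current }           # emit the last binding
}

# On a real host: $bindings = @(Get-SslBinding (netsh http show sslcert))
$bindings = @(Get-SslBinding $sample)

foreach ($b in $bindings) {
    # Assumption: the binding's certificate lives in the machine's Personal (MY) store.
    $cert = Get-ChildItem Cert:\LocalMachine\My -ErrorAction SilentlyContinue |
        Where-Object { $_.Thumbprint -eq $b.Thumbprint }
    $state = if (-not $cert) { 'not in LocalMachine\My' } elseif ($cert.NotAfter -lt (Get-Date)) {
        "EXPIRED $($cert.NotAfter), $($cert.Subject)" } else {
        "valid until $($cert.NotAfter), $($cert.Subject)" }
    "{0}:{1}  {2}  {3}" -f $b.Address, $b.Port, $b.Thumbprint, $state
}

# Flag any port where the IPv4 and IPv6 bindings reference different certificates.
$bindings | Group-Object Port | ForEach-Object {
    $thumbs = @($_.Group | ForEach-Object { $_.Thumbprint } | Sort-Object -Unique)
    if ($thumbs.Count -gt 1) { "Port $($_.Name): bindings reference $($thumbs.Count) different certificates" }
}
```

The Subject printed for each binding is the name the browser compares against the host in the URL, so a binding whose Subject is the machine name rather than localhost explains the mismatch error in the question.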