我们有一台带有IIS 7的Windows 2008服务器来测试我们为客户开发的网站。每个站点都在子域上绑定:
(*使用example.com保护无辜者)
对于其中一个网站,我们现在必须测试它是否适用于https。
所以我创建了一个证书请求,* .example.com作为通用名称。我收到了证书(由PositiveSSL SA发布)并完成了请求。证书现在安装在IIS中。
现在我已使用以下设置向第二个站点添加了https绑定:
键入:https IP地址:全部未分配 港口:443 主机名:clientb.example.com SSL证书:* .example.com
通过常规http浏览网站工作正常。当我尝试通过https浏览网站时,我收到以下错误(取决于使用的浏览器):
Chrome
此网页不可用 错误102(net :: ERR_CONNECTION_REFUSED):未知错误。
Firefox
无法连接 Firefox无法在clientb.example.com上建立与服务器的连接 Firebug说Status:Aborted
Internet Explorer
Internet Explorer无法显示网页
我检查了失败请求跟踪,并根据日志完成了状态为200的请求。
我运行了SSL诊断工具,结果如下:
System time: Fri, 04 Mar 2011 14:04:35 GMT
Connecting to 192.168.2.95:443
Connected
Handshake: 115 bytes sent
Handshake: 3877 bytes received
Handshake: 326 bytes sent
Handshake: 59 bytes received
Handshake succeeded
Verifying server certificate, it might take a while...
Server certificate name: *.example.com
Server certificate subject: OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.example.com
Server certificate issuer: C=GB, S=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=PositiveSSL CA
Server certificate validity: From 2-3-2011 1:00:00 To 2-3-2012 0:59:59
1:00:00 To 2-3-2012 0:59:59
HTTPS request:
GET / HTTP/1.0
User-Agent: SSLDiag
Accept:*/*
HTTPS: 85 bytes of encrypted data sent
HTTPS: 533 bytes of encrypted data received
Status:
HTTP/1.1 404 Not Found
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 04 Mar 2011 14:04:35 GMT
Connection: close
Content-Length: 315
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Not Found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Not Found</h2>
<hr><p>HTTP Error 404. The requested resource is not found.</p>
</BODY></HTML>
HTTPS: server disconnected
Final handshake: 37 bytes sent successfully
答案 0 :(得分:3)
为了使IP绑定与主机头结合使用时,最好首先确保防火墙将https请求转发到Web服务器(TCP / 443)。
卫生署。