DirectAccess: Corporate names cannot be resolved.
-
2013년 3월 8일 금요일 오전 11:51
Hey there,
I configured DirectAccess and a test machine as a client but the Direct Access Connectivity Assistant shows "Corporate network names cannot be resolved. If the problem persists, contact the site administrator.".
The IPHTTPS tunnel is established successfully and I am able to ping the DA-Server from the client and the client from the DA-Server using the DNS-Server IPv6 address. Unfortunatly if I try to access one of my internal services (HTTP, TCP, Network Shares, etc.) the connection does not come up.
I understood that using ping or tracert does not recognize NRPT so what would be the best way to dig deeper on the root cause?
Please find the diagnostics log of the DCAS below:
***************************************************************************
ipconfig /all
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Test-PC
Primary Dns Suffix . . . . . . . : DIGITALTEMPUS.INT
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : DIGITALTEMPUS.INTEthernet adapter Ext:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Adapter
Physical Address. . . . . . . . . : 00-15-5D-51-0A-07
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8967:9ae:1536:9014%10(Preferred)
IPv4 Address. . . . . . . . . . . : 80.154.78.53(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.248
Default Gateway . . . . . . . . . : 80.154.78.49
DHCPv6 IAID . . . . . . . . . . . : 234886493
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-C2-B1-E2-00-15-5D-51-0A-07
DNS Servers . . . . . . . . . . . : 194.25.2.129
NetBIOS over Tcpip. . . . . . . . : EnabledTunnel adapter isatap.{BD7B2EDE-BFFF-4C88-B252-8DEB5D611C9D}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : YesTunnel adapter 6TO4 Adapter:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:509a:4e35::509a:4e35(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 194.25.2.129
NetBIOS over Tcpip. . . . . . . . : DisabledTunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:24ab:3217:af65:b1ca(Preferred)
Link-local IPv6 Address . . . . . : fe80::24ab:3217:af65:b1ca%12(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : DisabledTunnel adapter iphttpsinterface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : iphttpsinterface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : YesC:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>
***************************************************************************
netsh int teredo show state
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>netsh int teredo show state
Teredo Parameters
---------------------------------------------
Type : client
Server Name : teredo.ipv6.microsoft.com.
Client Refresh Interval : 30 seconds
Client Port : unspecified
State : dormantC:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>
***************************************************************************
netsh int httpstunnel show interfaces
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>netsh int httpstunnel show interfaces
Interface IPHTTPSInterface (Group Policy) Parameters
------------------------------------------------------------
Role : client
URL : https://da.digitaltempus.com:443/IPHTTPS
Last Error Code : 0x0
Interface Status : IPHTTPS interface deactivated
C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>***************************************************************************
netsh dns show state
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>netsh dns show state
Name Resolution Policy Table Options
--------------------------------------------------------------------Query Failure Behavior : Always fall back to LLMNR and NetBIOS
if the name does not exist in DNS or
if the DNS servers are unreachable
when on a private networkQuery Resolution Behavior : Resolve both IPv4 and IPv6
addresses for namesNetwork Location Behavior : Let Network ID determine when Direct
Access settings are to be usedMachine Location : Outside corporate network
Direct Access Settings : Configured and Enabled
DNSSEC Settings : Not Configured
C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>
***************************************************************************
netsh name show policy
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>netsh name show policy
DNS Name Resolution Policy Table Settings
Settings for .
----------------------------------------------------------------------
Certification authority : DC=INT, DC=DIGITALTEMPUS, CN=Digital Tempus Root CA
DNSSEC (Validation) : disabled
DNSSEC (IPsec) : disabled
DirectAccess (DNS Servers) : 2002:b2fa:a85e:3333::1
DirectAccess (IPsec) : disabled
DirectAccess (Proxy Settings) : Bypass proxySettings for .digitaltempus.int
----------------------------------------------------------------------
Certification authority : DC=INT, DC=DIGITALTEMPUS, CN=Digital Tempus Root CA
DNSSEC (Validation) : disabled
DNSSEC (IPsec) : disabled
DirectAccess (DNS Servers) : 2002:b2fa:a85e:3333::1
DirectAccess (IPsec) : disabled
DirectAccess (Proxy Settings) : Bypass proxySettings for DirectAccess-NLS.DIGITALTEMPUS.INT
----------------------------------------------------------------------
Certification authority : DC=INT, DC=DIGITALTEMPUS, CN=Digital Tempus Root CA
DNSSEC (Validation) : disabled
DNSSEC (IPsec) : disabled
DirectAccess (DNS Servers) :
DirectAccess (IPsec) : disabled
DirectAccess (Proxy Settings) : Use default browser settingsC:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>
***************************************************************************
netsh name show effective
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>netsh name show effective
DNS Effective Name Resolution Policy Table Settings
Settings for .digitaltempus.int
----------------------------------------------------------------------
Certification authority : DC=INT, DC=DIGITALTEMPUS, CN=Digital Tempus Root CA
DNSSEC (Validation) : disabled
IPsec settings : disabled
DirectAccess (DNS Servers) : 2002:b2fa:a85e:3333::1
DirectAccess (Proxy Settings) : Bypass proxySettings for DirectAccess-NLS.DIGITALTEMPUS.INT
----------------------------------------------------------------------
Certification authority : DC=INT, DC=DIGITALTEMPUS, CN=Digital Tempus Root CA
DNSSEC (Validation) : disabled
IPsec settings : disabled
DirectAccess (DNS Servers) :
DirectAccess (Proxy Settings) : Use default browser settingsC:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>
***************************************************************************
netsh adv mon show mmsa
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>netsh adv mon show mmsa
Main Mode SA at 03/08/2013 12:15:56
----------------------------------------------------------------------
Local IP Address: 2002:509a:4e35::509a:4e35
Remote IP Address: 2002:b2fa:a85e::b2fa:a85e
Auth1: ComputerCert
Auth2: UserNTLM
MM Offer: None-AES128-SHA256
Cookie Pair: bca78e06794cc3e3:25832bb4d1fbd833
Health Cert: NoMain Mode SA at 03/08/2013 12:15:56
----------------------------------------------------------------------
Local IP Address: 2002:509a:4e35::509a:4e35
Remote IP Address: 2002:b2fa:a85e::b2fa:a85e
Auth1: ComputerCert
Auth2: UserNTLM
MM Offer: None-AES128-SHA256
Cookie Pair: f3dde2716bcd44b5:1b2a983a38cebc72
Health Cert: No
Ok.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>
***************************************************************************
netsh nap client show state
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>netsh nap client show state
The "Network Access Protection Agent" service is not running.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>
***************************************************************************
wevtutil query-events Microsoft-Windows-NetworkAccessProtection/Operational /count:20 /format:text /rd:true
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>wevtutil query-events Microsoft-Windows-NetworkAccessProtection/Operational /count:20 /format:text /rd:true
C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>
***************************************************************************
netsh int ipv6 show int level=verbose
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>netsh int ipv6 show int level=verbose
Interface Loopback Pseudo-Interface 1 Parameters
----------------------------------------------
IfLuid : loopback_0
IfIndex : 1
State : connected
Metric : 50
Link MTU : 4294967295 bytes
Reachable Time : 35000 ms
Base Reachable Time : 30000 ms
Retransmission Interval : 1000 ms
DAD Transmits : 0
Site Prefix Length : 64
Site Id : 1
Forwarding : disabled
Advertising : disabled
Neighbor Discovery : disabled
Neighbor Unreachability Detection : disabled
Router Discovery : enabled
Managed Address Configuration : disabled
Other Stateful Configuration : disabled
Weak Host Sends : disabled
Weak Host Receives : disabled
Use Automatic Metric : enabled
Ignore Default Routes : disabled
Advertised Router Lifetime : 1800 seconds
Advertise Default Route : disabled
Current Hop Limit : 0
Force ARPND Wake up patterns : disabled
Directed MAC Wake up patterns : disabledInterface isatap.{BD7B2EDE-BFFF-4C88-B252-8DEB5D611C9D} Parameters
----------------------------------------------
IfLuid : tunnel_4
IfIndex : 11
State : disconnected
Metric : 50
Link MTU : 1280 bytes
Reachable Time : 18500 ms
Base Reachable Time : 30000 ms
Retransmission Interval : 1000 ms
DAD Transmits : 0
Site Prefix Length : 64
Site Id : 1
Forwarding : disabled
Advertising : disabled
Neighbor Discovery : enabled
Neighbor Unreachability Detection : disabled
Router Discovery : enabled
Managed Address Configuration : disabled
Other Stateful Configuration : disabled
Weak Host Sends : disabled
Weak Host Receives : disabled
Use Automatic Metric : enabled
Ignore Default Routes : disabled
Advertised Router Lifetime : 1800 seconds
Advertise Default Route : disabled
Current Hop Limit : 0
Force ARPND Wake up patterns : disabled
Directed MAC Wake up patterns : disabledInterface 6TO4 Adapter Parameters
----------------------------------------------
IfLuid : tunnel_5
IfIndex : 18
State : connected
Metric : 5
Link MTU : 1280 bytes
Reachable Time : 35500 ms
Base Reachable Time : 30000 ms
Retransmission Interval : 1000 ms
DAD Transmits : 0
Site Prefix Length : 64
Site Id : 1
Forwarding : disabled
Advertising : disabled
Neighbor Discovery : disabled
Neighbor Unreachability Detection : disabled
Router Discovery : enabled
Managed Address Configuration : disabled
Other Stateful Configuration : disabled
Weak Host Sends : disabled
Weak Host Receives : disabled
Use Automatic Metric : enabled
Ignore Default Routes : disabled
Advertised Router Lifetime : 1800 seconds
Advertise Default Route : disabled
Current Hop Limit : 0
Force ARPND Wake up patterns : disabled
Directed MAC Wake up patterns : disabledInterface Ext Parameters
----------------------------------------------
IfLuid : ethernet_6
IfIndex : 10
State : connected
Metric : 5
Link MTU : 1500 bytes
Reachable Time : 36000 ms
Base Reachable Time : 30000 ms
Retransmission Interval : 1000 ms
DAD Transmits : 1
Site Prefix Length : 64
Site Id : 1
Forwarding : disabled
Advertising : disabled
Neighbor Discovery : enabled
Neighbor Unreachability Detection : enabled
Router Discovery : enabled
Managed Address Configuration : enabled
Other Stateful Configuration : enabled
Weak Host Sends : disabled
Weak Host Receives : disabled
Use Automatic Metric : enabled
Ignore Default Routes : disabled
Advertised Router Lifetime : 1800 seconds
Advertise Default Route : disabled
Current Hop Limit : 0
Force ARPND Wake up patterns : disabled
Directed MAC Wake up patterns : disabledInterface Teredo Tunneling Pseudo-Interface Parameters
----------------------------------------------
IfLuid : tunnel_6
IfIndex : 12
State : connected
Metric : 50
Link MTU : 1280 bytes
Reachable Time : 8500 ms
Base Reachable Time : 15000 ms
Retransmission Interval : 2000 ms
DAD Transmits : 0
Site Prefix Length : 64
Site Id : 1
Forwarding : disabled
Advertising : disabled
Neighbor Discovery : enabled
Neighbor Unreachability Detection : enabled
Router Discovery : enabled
Managed Address Configuration : disabled
Other Stateful Configuration : disabled
Weak Host Sends : disabled
Weak Host Receives : disabled
Use Automatic Metric : enabled
Ignore Default Routes : disabled
Advertised Router Lifetime : 1800 seconds
Advertise Default Route : disabled
Current Hop Limit : 0
Force ARPND Wake up patterns : disabled
Directed MAC Wake up patterns : disabledInterface iphttpsinterface Parameters
----------------------------------------------
IfLuid : tunnel_9
IfIndex : 17
State : disconnected
Metric : 50
Link MTU : 1280 bytes
Reachable Time : 20500 ms
Base Reachable Time : 30000 ms
Retransmission Interval : 1000 ms
DAD Transmits : 1
Site Prefix Length : 64
Site Id : 1
Forwarding : disabled
Advertising : disabled
Neighbor Discovery : enabled
Neighbor Unreachability Detection : enabled
Router Discovery : enabled
Managed Address Configuration : disabled
Other Stateful Configuration : disabled
Weak Host Sends : disabled
Weak Host Receives : disabled
Use Automatic Metric : enabled
Ignore Default Routes : disabled
Advertised Router Lifetime : 1800 seconds
Advertise Default Route : disabled
Current Hop Limit : 0
Force ARPND Wake up patterns : disabled
Directed MAC Wake up patterns : disabledC:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>
***************************************************************************
netsh advf show currentprofile
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>netsh advf show currentprofile
Public Profile Settings:
----------------------------------------------------------------------
State ON
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast EnableLogging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096Ok.
C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>
***************************************************************************
netsh advfirewall monitor show consec
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>netsh advfirewall monitor show consec
Global Settings:
----------------------------------------------------------------------
IPsec:
StrongCRLCheck 0:Disabled
SAIdleTimeMin 5min
DefaultExemptions ICMP
IPsecThroughNAT Never
AuthzUserGrp None
AuthzComputerGrp NoneStatefulFTP Enable
StatefulPPTP EnableMain Mode:
KeyLifetime 480min,0sess
SecMethods DHGroup2-AES128-SHA256,DHGroup2-AES128-SHA1,DHGroup2-3DES-SHA1
ForceDH NoCategories:
BootTimeRuleCategory Windows Firewall
FirewallRuleCategory Windows Firewall
StealthRuleCategory Windows Firewall
ConSecRuleRuleCategory Windows Firewall
Quick Mode:
QuickModeSecMethods ESP:SHA1-None+60min+100000kb,ESP:SHA1-AES128+60min+100000kb,ESP:SHA1-3DES+60min+100000kb,AH:SHA1+60min+100000kb
QuickModePFS NoneSecurity Associations:
Main Mode SA at 03/08/2013 12:15:56
----------------------------------------------------------------------
Local IP Address: 2002:509a:4e35::509a:4e35
Remote IP Address: 2002:b2fa:a85e::b2fa:a85e
Auth1: ComputerCert
Auth2: UserNTLM
MM Offer: None-AES128-SHA256
Cookie Pair: bca78e06794cc3e3:25832bb4d1fbd833
Health Cert: NoMain Mode SA at 03/08/2013 12:15:56
----------------------------------------------------------------------
Local IP Address: 2002:509a:4e35::509a:4e35
Remote IP Address: 2002:b2fa:a85e::b2fa:a85e
Auth1: ComputerCert
Auth2: UserNTLM
MM Offer: None-AES128-SHA256
Cookie Pair: f3dde2716bcd44b5:1b2a983a38cebc72
Health Cert: NoQuick Mode SA at 03/08/2013 12:15:56
----------------------------------------------------------------------
Local IP Address: 2002:509a:4e35::509a:4e35
Remote IP Address: 2002:b2fa:a85e::b2fa:a85e
Local Port: Any
Remote Port: Any
Protocol: Any
Direction: Both
QM Offer: ESP:SHA1-AES192+60min+100000kb
PFS: None
IPsec Statistics
----------------Active Assoc : 3
Offload SAs : 0
Pending Key : 0
Key Adds : 6
Key Deletes : 4
ReKeys : 0
Active Tunnels : 2
Bad SPI Pkts : 0
Pkts not Decrypted : 0
Pkts not Authenticated : 0
Pkts with Replay Detection : 0
Confidential Bytes Sent : 32,096
Confidential Bytes Received : 62,008
Authenticated Bytes Sent : 39,008
Authenticated Bytes Received: 62,008
Transport Bytes Sent : 0
Transport Bytes Received : 0
Bytes Sent In Tunnels : 39,008
Bytes Received In Tunnels : 62,008
Offloaded Bytes Sent : 0
Offloaded Bytes Received : 0Ok.
C:\Windows\system32\LogSpace\{551A8547-C220-4F50-BB35-73CBCABBC73D}>
I appreciate every feedback on this very much as I don't know how to proceed at this moment.
Thanks in advance.
Kind regards,
Lars
모든 응답
-
2013년 3월 8일 금요일 오후 7:20
Hi,
It looks like you are connected with 6to4 to your corporate network and you are talking about IPHTTPS.I would suggest that you start by disabling Teredo (and 6to4 if you only want to use IPHTTPS).
In your log above your IPTTHPS interface is inactive and you are connected to the Microsoft Teredo relay and to what looks like your DA server over 6to4.Jonas Blom | Relevo AB | http://blog.nrpt.se
-
2013년 3월 11일 월요일 오전 9:52
My tunnel is up using IPHTTPS.
***************************************************************************
netsh int httpstunnel show interfaces
***************************************************************************
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32\LogSpace\{E560B145-D4C3-48F7-90E6-82DAA9169BA8}>netsh int httpstunnel show interfaces
Interface IPHTTPSInterface (Group Policy) Parameters
------------------------------------------------------------
Role : client
URL : https://da.digitaltempus.com:443/IPHTTPS
Last Error Code : 0x0
Interface Status : IPHTTPS interface activeC:\Windows\system32\LogSpace\{E560B145-D4C3-48F7-90E6-82DAA9169BA8}>
but I am still not able to connect to my internal infrastructure. is there any way that you could investigate remotely (Teamviewer,Lync, or so)
I am really stuck on this and need to get it working till the end of the week.
I disabled Teredo and 6to4 - FYI but it still does not work.
-
2013년 3월 13일 수요일 오후 1:57
There are quite a few things that I see as potential causes of trouble:
Is this a Server 2012 or UAG DirectAccess? If UAG, it is not normal to see the Microsoft Teredo relay information listed in your Teredo adapter properties, this would imply to me that your client didn't receive the GPO settings correctly, or that they weren't populated correctly for some reason. If your client is missing connectivity info, that would cause a problem.
Is this a Windows 7 or Windows 8 client computer? I don't see any certificate information listed in your log file output - if this is a Windows 7 client you need to issue machine certificates for IPsec authentication, the tunnels will not build without.
I see a "." entry listed in your NRPT - do you have Force Tunneling for DirectAccess enabled? If you do, I would disable it, at least temporarily while you try to get DA working. Get basic connectivity going first, before you try any advanced features.
I just tried browsing to your IP-HTTPS web listener, and I get a certificate warning. You need to figure out why that is occuring as it will also cause problems. I didn't do any real digging to look into the certificate, didn't want to pry too much, but I recommend using a certificate that you purchase from a third-party CA for the IP-HTTPS listener. Trying to use your own certificate is a pain, and using a self-signed certificate is just bad practice.
Good luck!
.png)
