none
Binding & Self-Signed Server Certificate Errors RRS feed

  • Question

  • Folks,

    I'm new to setting up SSL & I have 2 issues with getting a test website running. Any help would be greatly appreciated. Here are the details...

    /*****************************************************************************************/
    Issue 1
    /*****************************************************************************************/

    1. I'm using IE 7 On a 2008 server.
    2. I created a self-signed server cert.
    3. The Issuer and Subject properties are CN = machine name
    4. When binding, I used https (which doesn't allow a host name) & chose the cert I created.

    So far so good.

    5. When I choose basic settings in the Actions Pane & test the settings,
       Authentication is valid but Authorization says...

       The server is configured to use pass-through authentication with a built-in account to
       access the specified physical path. However, IIS Manager cannot verify whether the built-in
       account has access. Make sure that the application pool identity has Read access to the
       physical path. If this server is joined to a domain, and the application pool identity is
       NetworkService or LocalSystem, verify that <domain>\<computer_name>$ has Read access to
       the physical path. Then test these settings again.

    The server is not on a domain But I don't know where or what the application pool identity is
    concerning the physical path. IIS_IUsers has read access but I don't think that IIS_IUsers &
    application pool identity are related.

    What am I missing?

    /*****************************************************************************************/
    Issue 2
    /*****************************************************************************************/

    1.  When I choose Browse *.443(https) in IIS Manager | Actions Pane | Continue to this website (not recommended),

    I get a certificate error "Mismatched Address" with a url of https://localhost/.
    When I view the certificate and click the Install Certificate button, it says that the import was successful.
    When I recycle IIS, I still get the same certificate error.

    Again, what am I missing?


    Thanks again in advance for your help.


    JDA
    Friday, January 7, 2011 10:06 PM

Answers

  • Folks,

    Thanks for all the looks. I resolved issue #1.  Issue #2 is still a problem. Any Ideas?

    Thanks


    JDA
    • Marked as answer by Robinson Zhang Wednesday, January 26, 2011 5:55 AM
    Monday, January 10, 2011 3:16 PM
  • Hi,

     

    This issue is more IIS related issue, I suggest posting a new thread in our IIS forum.

     

    For your reference, I have included our IIS g forum below:

    http://forums.iis.net/


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Proposed as answer by Robinson Zhang Thursday, January 13, 2011 2:58 AM
    • Marked as answer by Robinson Zhang Wednesday, January 26, 2011 5:55 AM
    Wednesday, January 12, 2011 2:30 AM

All replies

  • Folks,

    Thanks for all the looks. I resolved issue #1.  Issue #2 is still a problem. Any Ideas?

    Thanks


    JDA
    • Marked as answer by Robinson Zhang Wednesday, January 26, 2011 5:55 AM
    Monday, January 10, 2011 3:16 PM
  • Hi,

     

    This issue is more IIS related issue, I suggest posting a new thread in our IIS forum.

     

    For your reference, I have included our IIS g forum below:

    http://forums.iis.net/


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Proposed as answer by Robinson Zhang Thursday, January 13, 2011 2:58 AM
    • Marked as answer by Robinson Zhang Wednesday, January 26, 2011 5:55 AM
    Wednesday, January 12, 2011 2:30 AM