Forum Discussion
Frankie1969
Jan 13, 2022Copper Contributor
Install ssl certificate on windows server 2012 R2
I would install a SSL certificate on Windows Server 2012 R2. I received from SSL/provider 4 files: mydomain.company.it.csr mydomain.company.it.key mydomain_company_it_cert.cer mydomain_company_...
- Jan 15, 2022Yes, importing a pfx file gives you a certificate with the private key. (The key sign will be shown then in the certificate store) Perhaps the person who gave you the files can convert his files into a a pfx file using openssl tooling.
Jan 15, 2022
What are the certificate details? Is it a certificate which has been created using an internal Certificate Authority and are you missing the intermediate and root certificates in your store?
Frankie1969
Jan 16, 2022Copper Contributor
Thanks. certificate details:
In my Personal Store i've only this certificate.
I call in the browser mydomain.company.it
Edge replies me "Unable to reach this page"
Firefox shows me the page but "Connection is not secure".
At the beginnig i've received 4 files from provider (you can see first message) but after i received .pfx file and installed that.
I don't know if i need to use URL rewrite module in IIS.
My first problem is that Edge doesn't show the page while Firefox and Chrome show it but reporting that the site is not safe.
Could the fact that Firefox and Chrome show the unsafe page could be that some resource is called up in the MasterPage with http: // ... and not https: //?
- Jan 31, 2022Did you manage to fix your issue?
- Frankie1969Jan 16, 2022Copper ContributorI always reset IIS after every change.
I'll do a firewall check.
Thanks a lot - Jan 16, 2022It all seems to be in good shape... Did you restart IIS during configuration? If not, try a iisreset.exe in an admin command prompt.. Also, are you testing internally or externally? Firewall opening is correct and when doing a netstat -an | find /i "443" you see a port listening on 443?
- Frankie1969Jan 16, 2022Copper Contributor
Frankie1969
This is content of personal store - Frankie1969Jan 16, 2022Copper Contributor
In the binding host name is
mydomain.company.it
And Request Name Server is not flagged.
In certificate details i read in "Subject Alternate Name" property
DNS Name=mydomain.company.it - Jan 16, 2022And in the binding, what's the Host Name? That does correspond to the subject alternate name in the certificate?
- Frankie1969Jan 16, 2022Copper Contributor
if i enter in address bar https://mydomain.company.it/default.aspx page has not shown.
if i enter in address bar http://mydomain.company.it/default.aspx page HAS shown.
Yes 443 port. - Frankie1969Jan 16, 2022Copper Contributor
Frankie1969
I've replaced the Default.aspx (starting page) page with a "poor code" with only https external references.
Same situation:
if i enter in address bar mydomain.company.it page has shown but site is not secure.
if i enter in address bar https://mydomain.company.it/default.aspx page has not shown.
Whoever lasts wins it.<%@ Page Language="vb" AutoEventWireup="false" CodeBehind="Default.aspx.vb" Inherits="ApplicationName.Default" %> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <title></title> </head> <body> <form id="form1" runat="server"> <div> <div id="body"> <h3>We suggest the following:</h3> <ol class="round"> <li class="one"> <h5>Getting Started</h5> ASP.NET Web Forms lets you build dynamic websites using a familiar drag-and-drop, event-driven model. A design surface and hundreds of controls and components let you rapidly build sophisticated, powerful UI-driven sites with data access. <a href="https://go.microsoft.com/fwlink/?LinkId=245146">Learn more…</a> </li> <li class="two"> <h5>Add NuGet packages and jump-start your coding</h5> NuGet makes it easy to install and update free libraries and tools. <a href="https://go.microsoft.com/fwlink/?LinkId=245147">Learn more…</a> </li> <li class="three"> <h5>Find Web Hosting</h5> You can easily find a web hosting company that offers the right mix of features and price for your applications. <a href="https://go.microsoft.com/fwlink/?LinkId=245143">Learn more…</a> </li> </ol> </div> </div> </form> </body> </html>
- Jan 16, 2022
If you access the page using https, it should not give you errors. Binding is done on the site using the installed certificate and port 443?
- Frankie1969Jan 16, 2022Copper ContributorYes and No. It's true certificate is installed but browser (Edge,Firefox,Chrome) tells that certificate is not installed. But i believe that orginal question is answered and now it's another problem.
In your opinion if browser tells "Certificate is not installed" the reason may be also some link "http//...." in aspx page or is sure that certified is not installed ? - Jan 16, 2022You're getting there! But I guess your original question is answered now?
- Frankie1969Jan 16, 2022Copper ContributorJust for news: I changed this line in the masterpage
from <html xmlns = "http://www.w3.org/1999/xhtml">
a <html xmlns = "https://www.w3.org/1999/xhtml">
Now Edge opens the site, always in non-secure mode but at least opens it. - Jan 16, 2022Edge is more restrictive I guess? I have no idea what website you're running and how it works internally 🙂
- Frankie1969Jan 16, 2022Copper ContributorDo you have an idea why Edge won't open it? Is very strange
- Jan 16, 2022Ok, certificate is from a public CA so that shouldn't be the problem. If you have a website running on IIS and it's the only one plus you did the binding... Then an URL Rewrite shouldn't be needed. And yes, everything should be https or your browser will see that it switched from https to http and will say not safe.
URL Rewrite is nice if people just type the url and the browser starts connecting with http, it will be redirected to https.