my site in running on iis5 with a bt secure server certificate

today the ssl part of the actinic site stopped working

i have loaded the latest SP3 on Windows 2000, this didn't clear it

recreated the virtual server in IIS & reapplied the certificate, still no luck

i have a theory that my colocation provider has done someting to the router & is not allowing port 443 access through to my server.

how can i check to see if port 443 requests are getting to my server ?

Hi John

If you have telnet access to your server, you could try:

telnet http://www.yourserver.com 443

If a response comes back saying
"Could not open a connection to host: Connect failed" then the request is not getting through

the telnet service was not started so i started it

i do not know if i have to setup telnet in other places ?

i run... cmd

in command window i type

C:\Documents and Settings\john>telnet http://www.abcd.com 443
Connecting To http://www.abcd.com...Could not open connection to the
host, on port 443: Connect failed

i tried typing
telnet ipaddress

Welcome to Microsoft Telnet Client

Escape Character is 'CTRL+]'


You are about to send your password information to a remote comput
zone. This might not be safe. Do you want to send anyway(y/n):

so it looks as if that works

trouble is i don't really know how telnet works

getting the hang of telnet

at command prompt typed

telnet www.myserver.com

goes into telnet fine


telnet www.myserver.com 23

goes into server fine

telnet www.myserver.com 443

nothing reported in the window
goes back to prompt


what does this tell us ??

Originally posted by codec


telnet www.myserver.com 443

nothing reported in the window
goes back to prompt

what does this tell us ??

If nothing is being reported then it cannot access that port on your server I'm afraid.

Kind regard
Nadeem R

so am i correct in saying that it is a problem with my server rather than the router ?

i got the answer from www.microsoft.com/technet

they are doing a column on iis, iis insider

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/columns/insider/Default.asp

April 2002

it said "This creates an unbreakable rule: You cannot use Host Headers as the primary means of identifying a web site when using SSL. I don't care what else you've heard, this is the case. "

for my sins this is what i had done 9 months ago

i was using a host header on the "default web site"

i was using a host header on my actinic site (virtual web site), with a BT trustwise certificate installed.

believe me this worked for 9 months

then it stopped !

just as a test i did the following:
1) removed the SSL certificate from the actinic site
2) removed the host header from the default web site
3) installed the SSL certificate on the default web site

i was the able to communicate using https:// with the default web site

my solution
forget securing actinic with a BT trustwise certificate, because if you do you need a seperate ip address for each site. You see host headers just do not work

i have registered for actinic shared ssl instead