So we’ve just set up a site with IIS 8.0, that is normally accesible via port 80 and no certificate requirement.
- we’ve created a self signed certificate
- we’ve set up site bindings through port 443 with the self signed certificate, IP address set to : All Unassigned, Hoste name field is left empty.
Bindings- on Site’s SSL settings we’ve ticked the “Require SSL”
- if the option “Accept” under Client Certificates is selected, the site is accessible with the standard “this site can’t be trusted prompt”
- if we select “Require” under Client Certificates, the site becomes inaccessible, with the 403.7 Forbidden error on the server, and 403 error when connecting form clients.
What we’ve tried:
- Site restart
- IIS restart
- Machine restart
- Selecting different certificate stores for that certificate, no luck
- Creating a certificate in PS with the New-SelfSignedCertificate command, no luck
- Check the C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto\RSA read/write rights, were all ok
- The certificate seems ok, displays the “You have a private key that corresponds with this certificate” prompt Certificate
- Using SSL Diagnostics tool 1.1, displays no error with the connectivity
At this point we’re baffled. It’s like we’re runing in circles, yet we suspect that the self signed certificate published by the IIS 8.0 is broken (we’re tried publishing a few, and binding them on the site, same errors all the time)
Specs:
a Virtualized Win Serv 2012 r2 (updated), 3,5ghz 4 cores, 4Gb of ram, 80Gb of space, running with admin rights.Any suggestions or answers would be appreciated
Answer
Attribution
Source : Link , Question Author : kekkec , Answer Author : Community
