IIS not responding with SSL Server Hello

Posted by Damien_The_Unbeliever on Server Fault See other posts from Server Fault or by Damien_The_Unbeliever
Published on 2011-02-16T14:06:12Z Indexed on 2011/02/16 15:27 UTC
Read the original article Hit count: 266

Filed under:
|

I'm having difficulty getting a particular IIS machine to "do" SSL. This is a test environment (one of many) which we've set up "the same" as we have many times previously, but it just doesn't seem to be working.

The server is Windows Server 2003 (Version 5.2 (Build 3790.srv03_sp2_gdr.100216-1301 : Service Pack 2))

IIS is hosting 4 sites (including the default site), but only one site is configured for SSL. We're using the same SSL certificate we use on all of our other servers (it's a wildcard cert).

(Don't think this is relevant, but including anyway) We've configured the site to require SSL, it has a subdirectory that doesn't require SSL but has an asp page that redirects into SSL. The 403;4 error page for the site is hooked up to this asp page (this is how we do our non-HTTPS into HTTPS transition).

Using Microsoft Network Monitor (3.3), I've just run a session against a server where SSL is working. It can pull apart the SSL exchange as the following messages:

SSL: Client Hello
SSL: Server Hello. Certificate. Server Hello Done
SSL: Client Key Exchange. Change Cipher Spec. Encrypted Handshake Message.
SSL: Change Cipher Spec. Encrypted Handshake Message

However, on our problem server, I only see:

SSL: Client Hello.

The next packet from the server (from port 443, so it's listening and responding there) contains only 60 bytes, and just seems to have the Tcp headers and not much else (but I'm by no means an expert at deciphering these things).

So, where do I look next? Or what additional information do I need to add to this question, and where do I find it?

© Server Fault or respective owner

Related posts about iis

Related posts about ssl