Windows Server Essentials 2016 SSL on IIS trashed - how do I fix it?

Jeff Drew

2/25/24, 7:27 AM

I have completely trashed my certificate settings for IIS and now can't connect new machines using the http://servername/connect function. I am able to access the site using https://servername, but not the ip address. The connect process requires software downloaded using the ip address through https. So, I need to set up a wildcard ssl certificate for IIS and re-bind it to the sites. I have not been able to find clear directions on how to do this. The certificates I have set up so far have common names that match the servername or localhost urls. They won't work for ip address or the fully qualified domain name. Any help would be greatly appreciated. I have also tried deleting the cert with netsh http delete sslcert, but I think I am making things worse. I also tried setting up cross-certificate urls and that has made the local security authority process use excess CPU. I also have not been able to delete the urs from the certificates as mmc crashes.

0 + 5

iis

ssl

windows-server-2016

Lex Li

2/25/24, 8:42 PM

Nobody should create certificates for IP addresses, neither should you. To generate certificates for both server name and FQDN, you need SAN certificates, not wildcard ones. Depending on your actual environment, you need assistance from your domain administrators or network administrators.

Jeff Drew

2/27/24, 7:18 AM

Perhaps sadly, I am the domain and network administrator. This server is installed at my home. I accidentally changed the SSL when I installed a Blazor application and ruined the SSL configuration. Now I need to get the certificate settings for IIS back to the original state. How do I do that?

Lex Li

2/27/24, 7:22 AM

You need to assert how much damage was there on Windows HTTP API https://docs.jexusmanager.com/tutorials/https-binding.html and I don’t think someone over the Internet can give you the necessary assistance. If you have backed up the server before making those changes you should roll back now.

Jeff Drew

2/28/24, 12:31 PM

Unfortunately, it appears I screwed up the certificates last June. Rolling back to that state would be difficult if not impossible due to the updates that Windows has applied since then. I am thinking I will uninstall Windows Essentials and IIS, delete the directories and reinstall. I am coming to the conclusion that is the only way to resolve certificate disasters.

Jeff Drew

3/6/24, 8:18 PM

I finally gave up and upgraded to Server 2022. The machine is happy, I am adding the PCs back in everything is in great shape. Thanks for the advice; I am not going anywhere near certificates again.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Windows Server Essentials 2016 SSL on IIS trashed - how do I fix it?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.