Re: IIS 6 conflict using port 443 for NON-SSL traffic

From: Richard Dixson (reply_at_hereonlyplease.com)
Date: 04/11/05 

Date: Mon, 11 Apr 2005 00:34:54 -0400

Unfortunately I tried that as well without success. I tried several ways.

The bottom line seems to be that something about port 443 is treated quite
specially by IIS 6 and it does not want to allow it to share port 443 by
non-SSL on one IP with SSL on another IP.

I am wondering if anyone else has run into this or is aware of it, and how I
may be able to work around it.

Richard

"Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
news:O8rwUYkPFHA.2252@TK2MSFTNGP15.phx.gbl...
> For IIS6 use httpcfg rather than "disableSocketPooling" metabase setting.
>
> http://support.microsoft.com/kb/813368/EN-US/
>
> Cheers
> Ken
>
> --
> Blog: www.adopenstatic.com/cs/blogs/ken/
> Web: www.adopenstatic.com
>
>
> "Richard Dixson" <reply@hereonlyplease.com> wrote in message
> news:E6KdnZMKkb9dGsvfRVn-1g@comcast.com...
> :I need IIS to respond to HTTP requests on port 443 for different IPs on
the
> : same web server, with one IP set up to handle NON ssl traffic (http://),
> and
> : the other set up with a certificate to handle SSL (https://) traffic.
> :
> : IIS 6.0 (using Win2K3 latest updates/patches) will NOT allow this. When
> you
> : try to start the non-https site it complains that it is in use. There
is
> : definately a conflict due to IIS somehow locking port 443 exclusively
for
> : HTTPS traffic.
> :
> : Under IIS 5.0 I was able to succesfully work around this conflict by
> : disabling socket pooling. However under IIS 6 disabling socket spooling
> : does not work.
> :
> : Here is an example of what I am trying to do: On Web Server "A" I need
to
> : configure it like this:
> :
> : Virtual web site #1: IP=x.x.x.2: Configured for TCP Port = 443, SSL
Port
> =
> : <blank>
> :
> : Virtual web site #2: IP=x.x.x.3: Configured for TCP Port = 80, SSL Port
=
> : 443 with installed SSL certificate
> :
> : So traffic coming in as http://x.x.x.2:443/something.htm gets responded
to
> : as regular http (non-https) traffic over port 443 for this IP. And
> traffic
> : coming in as https://x.x.x.3/something.htm gets responded to as https
> : traffic over port 443 as usual.
> :
> : I realize it is unusual to have to pass NON https traffic over port 443,
> but
> : due to special circumstances this is a core requirement.
> :
> : If I remove virtual web site #2 than virtual site #1 works great - it
will
> : pass non-https traffic just fine over port 443, but ONLY IF there is no
> web
> : site configured on the server to use HTTPS (even if such https web sites
> are
> : configured on a different IP).
> :
> : The work around would be to set up a second dedicated web server for
> virtual
> : web site #1 so that it runs without a web site configured to really use
> : HTTPS. Unfortunately this is not a possibility as I only have one
> physical
> : production web server I can use, and I cannot avoid having a site on
that
> : server configured to use HTTPS.
> :
> : Can anyone offer some advice or tips on how I may be able to work around
> : this? Anyone know if IIS 7 will work the same way?
> :
> : Thank you very much in advance!
> :
> : Richard
> :
> :
>
>

Relevant Pages

  • IIS 6 conflict using port 443 for NON-SSL traffic
    ... I need IIS to respond to HTTP requests on port 443 for different IPs on the ... HTTPS traffic. ... Here is an example of what I am trying to do: On Web Server "A" I need to ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS 6 conflict using port 443 for NON-SSL traffic
    ... HTTP over IP1:Port1 and HTTPS over IP2:Port1 will be allowed ... think it may be possible to use this enhanced HTTPS.SYS with IIS 6 on WS03? ... > It actually has nothing to do with port 443 -- it could be any port. ... same web server, with one IP set up to handle NON ssl traffic ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS 6 conflict using port 443 for NON-SSL traffic
    ... "Richard Dixson" wrote in message ... The bottom line seems to be that something about port 443 is treated quite ... "Ken Schaefer" wrote in message ... :>: same web server, with one IP set up to handle NON ssl traffic ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS 6 conflict using port 443 for NON-SSL traffic
    ... It actually has nothing to do with port 443 -- it could be any port. ... >: same web server, with one IP set up to handle NON ssl traffic, ... >: HTTPS traffic. ... web site #1 so that it runs without a web site configured to really use ...
    (microsoft.public.inetserver.iis.security)
  • Re: poert redirection https to http
    ... we have our own tracker system ... Users wants to use https instead of http - but problem is it is hardcoded - ... Is the web server inside or outside? ... Where, exactly, is the use of port 80 hard-coded? ...
    (comp.dcom.sys.cisco)