Re: IIS 6 conflict using port 443 for NON-SSL traffic
From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: Mon, 11 Apr 2005 14:59:40 +1000
Did you restart http.sys after you made the change?
-- Blog: www.adopenstatic.com/cs/blogs/ken/ Web: www.adopenstatic.com "Richard Dixson" <email@example.com> wrote in message news:bZWdnVdDb-ntY8TfRVn-oA@comcast.com... : Unfortunately I tried that as well without success. I tried several ways. : : The bottom line seems to be that something about port 443 is treated quite : specially by IIS 6 and it does not want to allow it to share port 443 by : non-SSL on one IP with SSL on another IP. : : I am wondering if anyone else has run into this or is aware of it, and how I : may be able to work around it. : : Richard : : "Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message : news:O8rwUYkPFHA.2252@TK2MSFTNGP15.phx.gbl... : > For IIS6 use httpcfg rather than "disableSocketPooling" metabase setting. : > : > http://support.microsoft.com/kb/813368/EN-US/ : > : > Cheers : > Ken : > : > -- : > Blog: www.adopenstatic.com/cs/blogs/ken/ : > Web: www.adopenstatic.com : > : > : > "Richard Dixson" <firstname.lastname@example.org> wrote in message : > news:E6KdnZMKkb9dGsvfRVnemail@example.com... : > :I need IIS to respond to HTTP requests on port 443 for different IPs on : the : > : same web server, with one IP set up to handle NON ssl traffic (http://), : > and : > : the other set up with a certificate to handle SSL (https://) traffic. : > : : > : IIS 6.0 (using Win2K3 latest updates/patches) will NOT allow this. When : > you : > : try to start the non-https site it complains that it is in use. There : is : > : definately a conflict due to IIS somehow locking port 443 exclusively : for : > : HTTPS traffic. : > : : > : Under IIS 5.0 I was able to succesfully work around this conflict by : > : disabling socket pooling. However under IIS 6 disabling socket spooling : > : does not work. : > : : > : Here is an example of what I am trying to do: On Web Server "A" I need : to : > : configure it like this: : > : : > : Virtual web site #1: IP=x.x.x.2: Configured for TCP Port = 443, SSL : Port : > = : > : <blank> : > : : > : Virtual web site #2: IP=x.x.x.3: Configured for TCP Port = 80, SSL Port : = : > : 443 with installed SSL certificate : > : : > : So traffic coming in as http://x.x.x.2:443/something.htm gets responded : to : > : as regular http (non-https) traffic over port 443 for this IP. And : > traffic : > : coming in as https://x.x.x.3/something.htm gets responded to as https : > : traffic over port 443 as usual. : > : : > : I realize it is unusual to have to pass NON https traffic over port 443, : > but : > : due to special circumstances this is a core requirement. : > : : > : If I remove virtual web site #2 than virtual site #1 works great - it : will : > : pass non-https traffic just fine over port 443, but ONLY IF there is no : > web : > : site configured on the server to use HTTPS (even if such https web sites : > are : > : configured on a different IP). : > : : > : The work around would be to set up a second dedicated web server for : > virtual : > : web site #1 so that it runs without a web site configured to really use : > : HTTPS. Unfortunately this is not a possibility as I only have one : > physical : > : production web server I can use, and I cannot avoid having a site on : that : > : server configured to use HTTPS. : > : : > : Can anyone offer some advice or tips on how I may be able to work around : > : this? Anyone know if IIS 7 will work the same way? : > : : > : Thank you very much in advance! : > : : > : Richard : > : : > : : > : > : :