Re: SSL and Load Balanced Servers (Revocation message)

Hi Mike,

Thanks for your reply.

The certificate is from a commercial company (expires 06/2007). I have
checked the times on my servers and they are identical.

If I look at the certificate using MMC the General tab gives Certificate
information "Windows does not have enough information to verify this
certificate". I checked the Certification Path tab andf it shows a warning
and no path is detailed. The Certification status says "The issuer of this
certificate could not be found".

If I look at the same information on the partner server it all looks good
and the Certification path is fine.

Would I normally have to do anything else to make sure my server can talk to
the certificate issuer? As i mentioned before both servers are similar in
configuration and on the same subnet.

Many thanks,

Jason.

"Miha Pihler [MVP]" wrote:

Hi,

What certificates are you using? Your own or from commercial CA server?

Also check that date and time on your server are correct.

--
Mike
Microsoft MVP - Windows Security

"JayMG" <JayMG@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:795E33BD-225F-4652-9D6E-0B1D942BFA68@xxxxxxxxxxxxxxxx
Hi,
I've just copied a website that uses SSL from one IIS server to a second
web
server for use in a load balanced environment. The load balancing is done
via
a network load balancer.

I have exported the certificate for the domain site from the first server
and imported it to the second server following the instructions from
Microsoft :
http://support.microsoft.com/default.aspx?scid=kb;en-us;313299

When I access the website on the second server I get the following message
popped up :
"Revocation information for the security certificate for this site is not
available. Do you want to proceed?"

I read a MS article that explains how this could occur iof the CDP (cert
distribution point) is unavailable but I should have no problems as the
web
site on the original server is still running fine (no message is displayed
on
access) and it is on the same subnet.

Has anyone else come across this and found out what it could be the
problem?

Many thanks,

Jay.







.

Relevant Pages

  • RPC over HTTP, Microsoft solution
    ... Exchange Server 2003 RPC over HTTP Deployment Scenarios ... Place a check in the box next to 'Certificate Services' and click 'Yes' ...
    (microsoft.public.exchange.setup)
  • Re: OWA 2003 w/ Smart Card Authentication.
    ... Exchange 2003 server via ActivSync. ... the IIS certificate. ... Whether or not authentication will succeed is completely dictated by ... Server's SSL certificate must be configured on root of v-server via ...
    (microsoft.public.exchange.connectivity)
  • Re: Configuring LDAP on Entourage 2004 OS X
    ... Microsoft CSS Online Newsgroup Support ... does not work with a self signed SSL certificate OR with the SSL ... configure the System to allow OMA and "Server ActiveSync" access from the ... Configuring Exchange Server 2003 for Client Access. ...
    (microsoft.public.windows.server.sbs)
  • Re: Configuring SBS2003 for OWA and RWW
    ... And make sure certificate will not be ... On the Connection Type page, click Broadband, and then click Next. ... next to Preferred DNS server and next to ... If you are using ISA, please go to ISA management console, and navigate ...
    (microsoft.public.windows.server.sbs)
  • Re: 2 SSL certs for 1 IIS site?
    ... Each Certificate will need it's own IP address. ... Yes this will work for load balancing as well and you should be able use ... For example the "owa" ... certificate can be installed on Server A and Server B for each of the owa ...
    (microsoft.public.inetserver.iis.security)