SSL certificate changed IIS settings of other websites

PromSol · August 17, 2017, 12:13pm

I ran the tool here: https://github.com/Lone-Coder/letsencrypt-win-simple to install an SSL certificate on an IIS web server which has multiple sites hosted on there in house. However

It produced this output - another site hosted on our server started displaying SSL certificate errors as the SSL had swapped over to the one I had just created, rather than keeping the one it should have stayed on - we have swapped it back but I would like to know what caused it to happen.

My web server is: Microsoft Windows Server 2008 running IIS V6

I can login to a root shell on my machine (yes or no, or I don’t know): No

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):No

PromSol · August 17, 2017, 12:20pm

Apologies, our server is running IIS V7.

rg305 · August 17, 2017, 4:26pm

Server Name Indication (SNI) was introduced in IIS 8.0.

schoen · August 17, 2017, 5:29pm

Definitely an excellent argument for upgrading to a more modern web server!

If you absolutely can’t upgrade, you could get a single Let’s Encrypt certificate that covers all of the domain names that are hosted on that server. This won’t require the use of SNI but will still support separate virtual hosts at the HTTP layer.

PromSol · August 18, 2017, 10:55am

Ok then thanks guys - Upgrading the current server is currently not an option for us but we can look into moving this website onto a different hosting platform as it is relatively seperate from the rest of them - do you know how I can uninstall this SSL from ISS7 at all?

Thanks in advance!

schoen · August 18, 2017, 5:35pm

Sorry, I’ve never used IIS!

rg305 · August 18, 2017, 9:03pm

LUCKY YOU!!!
(added irrelevant text because one liners are prohibited)

PromSol · August 22, 2017, 10:03am

Hi,

We have decided to look into hosting the site somewhere else but unfortunately there has been another problem.

As we were going to move it somewhere else I figured the SSL would no longer be needed on our current box so I deleted the certificate and the HTTPS binding for promisemoney.co.uk, also the tool I used sets up a Scheduled Task to renew the certificate which I cancelled. However, this morning we were having SSL issues again with the other site as before. I did check the bindings at the end of last night and they were correct but this morning something must’ve changed with them,

Do you know if there is anything else that I could look at to resolve this as I’m worried the box may be infected from installing the tool I mentioned above.

Have other people used it and can confirm if it is safe?

Thank you!

motoko · August 22, 2017, 3:51pm

As far as I am aware, you only have to worry about the scheduled task as the tool is pretty much self-contained. You can try also deleting the registry key it creates to track the certificates that are issued, which is HKCU\Software\lets-encrypt-win-simple\https://acme-v01.api.letsencrypt.org/\Renewals (per the tool’s wiki).

The letsencrypt-win-simple tool is used by quite a few people, so it should be safe if you got it from the official GitHub project page.

PromSol · August 22, 2017, 4:05pm

Hi Motoko,

Ok then I’ll give that a go.

I did get the tool from the Github page here https://github.com/Lone-Coder/letsencrypt-win-simple

Thank you for your help!

rg305 · August 22, 2017, 4:37pm

You could always check the downloaded file at https://VirusTotal.com for any known spyware/malware/etc.

system · September 21, 2017, 4:38pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.