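I need to restore an application so that it can be safely archived by a third party before it is phased out.
To do this without endangering the whole server, I want to force users to authenticate before connecting, which means TLS is required.
Unfortunately, port 443 on that server (xxx.xxx.xxx.120) is taken by another application (a webmail system that uses its own HTTP server), so I added a new public IP to the server (xxx.xxx.xxx.120) and added a binding for port 443 on this new IP in IIS:
I also made sure that the other application is not bound to 0.0.0.0:443 but uses a specific IP address.
Finally, I ran netstat -ano | find ":443" and got this: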
TCP xxx.xxx.xxx.120:443 0.0.0.0:0 LISTENING 3016
TCP xxx.xxx.xxx.120:443 0.0.0.0:0 LISTENING 3016
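xxx.xxx.xxx.120 is the initial server IP address, and the new one is xxx.xxx.xxx.122.
For good measure, I also ran netstat -aon | find "xxx.xxx.xxx.122:443" (the new IP) and got nothing back, as expected.
Unfortunately, when I try to start the web application, I get the following error message:
IIS throws this error if the IP:port it tries to bind to is taken, but netstat clearly says it is available.
What am I missing?
Edit: when I try to start the service, there are two events in the System event log: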
Log Name: System
Source: Microsoft-Windows-IIS-W3SVC
Date: 7/19/2014 11:59:44 AM
Event ID: 1004
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: xxxx
Description: The World Wide Web Publishing Service (WWW Service) did not register the URL prefix https://XXX.XXX.XXX.122:443/ for site 2. The site has been disabled. The data field contains the error number.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-IIS-W3SVC" Guid="{xxxxx}" EventSourceName="W3SVC" />
    <EventID Qualifiers="49152">1004</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-07-19T09:59:44.000000000Z" />
    <EventRecordID>119596</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>xxxx</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="UrlPrefix">https://XXX.XXX.XXX.122:443/</Data>
    <Data Name="SiteID">2</Data>
    <Binary>20000780</Binary>
  </EventData>
</Event>
and
Log Name: System
Source: Microsoft-Windows-HttpEvent
Date: 7/19/2014 11:59:44 AM
Event ID: 15005
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: XXX
Description: Unable to bind to the underlying transport for [::]:443. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-HttpEvent" Guid="{xxx}" EventSourceName="HTTP" />
    <EventID Qualifiers="49152">15005</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-07-19T09:59:44.330234300Z" />
    <EventRecordID>119597</EventRecordID>
    <Correlation />
    <Execution ProcessID="4" ThreadID="88" />
    <Channel>System</Channel>
    <Computer>XXX</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
    <Data Name="Address">[::]:443</Data>
    <Binary>0000040002003000000000009D3A00C0000000000000000000000000000000000000000000000000430000C0</Binary>
  </EventData>
</Event>
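The IP address shown in the second event, "[::]:443", looks like IPv6. Maybe both web applications are trying to bind to all IPv6 addresses in addition to the IPv4 addresses you specified. Try temporarily disabling IPv6 to see whether the problem goes away.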
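
Both events say "The data field contains the error number"; the following is an added example, not part of the original question or answer, that decodes the `<Binary>` fields of the two events quoted above. The lookup tables are limited to the two sharing-violation codes and `decode_event` is a name chosen for this sketch.

```python
import struct
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Only the codes relevant to this page; other values are not named.
WIN32 = {32: "ERROR_SHARING_VIOLATION"}
NTSTATUS = {0xC0000043: "STATUS_SHARING_VIOLATION"}

# Trimmed copies of the two events quoted in the question (values as posted;
# the run of 24 zero bytes in the second blob is written as '00' * 24).
EVENTS = [
    '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
    '<System><EventID Qualifiers="49152">1004</EventID></System>'
    '<EventData><Data Name="UrlPrefix">https://XXX.XXX.XXX.122:443/</Data>'
    '<Binary>20000780</Binary></EventData></Event>',
    '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
    '<System><EventID Qualifiers="49152">15005</EventID></System>'
    '<EventData><Data Name="Address">[::]:443</Data>'
    '<Binary>0000040002003000000000009D3A00C0' + '00' * 24 + '430000C0</Binary>'
    '</EventData></Event>',
]

def describe(value):
    """Name a 32-bit status value if this example recognises it, else None."""
    if value & 0xFFFF0000 == 0x80070000:      # HRESULT wrapping a Win32 error
        code = value & 0xFFFF
        return "HRESULT/Win32 %d %s" % (code, WIN32.get(code, "(unlisted)"))
    return NTSTATUS.get(value)

def decode_event(xml_text):
    """Return (event id, [(hex value, meaning)]) for recognised DWORDs."""
    root = ET.fromstring(xml_text)
    event_id = int(root.findtext("e:System/e:EventID", namespaces=NS))
    raw = bytes.fromhex(root.findtext("e:EventData/e:Binary", namespaces=NS))
    count = len(raw) // 4
    # The data field is stored as little-endian 32-bit words.
    words = struct.unpack("<%dI" % count, raw[: count * 4])
    hits = [("0x%08X" % w, describe(w)) for w in words if describe(w)]
    return event_id, hits

if __name__ == "__main__":
    for event in EVENTS:
        print(decode_event(event))
```

Both events decode to a sharing violation, meaning HTTP.sys found the endpoint already held by another listener, which is the condition the answer's IPv6 wildcard theory would produce.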