Recently the server certificates expired and I need to renew the certificates. I went to the server, entered IIS managment console, opened the Default web site, right click on the Default web site, select “Property” item from the popup menu. Then click the “Directory Security” tab. Click the “Server certificate” button, a dialog showed up. I clicked the “renew the current certificate” option and click “Next”, and I saved the server certificate request to c:\request.txt.
After that I went to the server certificate service web site of my company, filled in necessary information and pasted the content of c:\request.txt into the form, and submitted the form. Minutes later I got an email from the server certificate service web site with the renewed server certificate. I saved the new certificate to c:\cert.cer. I went to IIS management console again, opened the “Server certificate” dialog again, and then I selected the c:\cert.cer. It seemed the certificate was renewed successfully.
And then I browsed my application page in IE, I saw an error message “Could not find the web site”. I did not know what was broken during renewing the certficate. Then I search the error message and error code on Baidu.com and google.com. It seemed no page is talking about the error message. I also called my colleagues, asked them whether they knew what was the root cause. They did not find the reason. I had to dig it out by myself. In the mean time, the business user reported that the production server was down. They needed to do trades on the next day morning and then I needed to figoure it out before the next day.
Let me be concentrated on the error..., what was done? Just renewed the certificate, and then the server was broken. What was broken? No idea. Let me check the IIS settings one by one. After checked all the settings, I found my application could only be accessed using 127.0.0.1. The original IP address 14.129.146.123 of the application server is not accessible. Then I went to “Website” tab, go to “IP address”, click “Advanced” button, I found the original IP address 14.129.146.123 was not in the IP identity list and the SSL list, that should be the root cause. Therefore I added the 14.129.146.123 into the two lists.
Open the URL of my application in IE, my application came back again! Terrific!