Jump to content
RESET Forums (homeservershow.com)
Sign in to follow this  
g725s

Router won't UPnP for WHS 2011 Remote Web Access

Recommended Posts

g725s

messing around a bit more with setting in IE.

 

  1. Open Internet Explorer.

  2. In the Tools menu select Internet Options.

  3. Pick the Advanced tab and then scroll down to the Security section

  4. Then turn off or uncheck Check for server certificate revocation

  5. Click OK at the bottom of the window.

So using IE with my laptop tethered to phone for internet service I am able to access the login page and folders and files once I preform the steps in the link above for IE. 

Edited by g725s

Share this post


Link to post
Share on other sites
jmwills

That's very dangerous to use if you use that machine for everyday access to other sites

Share this post


Link to post
Share on other sites
ikon

OK, I don't really think it's all that weird that your phone can connect but your laptop. If you think about it, what if the browser on your phone doesn't check certificates? What if it just ignores certificate errors and proceeds on to the site? Most browsers do check certs, and will not proceed if they find a 'problem'. However, your phone's browser may have stripped down features, because it has to run on a phone.

 

And, when you tether your laptop to the phone, you have to remember, you're not using your phone's browser, you're using your laptop's. The phone is merely acting as a modem, allowing you laptop to connect to the phone company's network. As it has all along, your laptop's browser is checking certs.

Share this post


Link to post
Share on other sites
ikon

OK, I was able to get to your RWA login screen. It's not the way it should be done, but it does prove that the site is available.

 

What I did was to simply turn off Revoked Certificate checking in Internet Explorer. Here's how:

  1. In the top-right corner of the IE window, click on the gear icon;
  2. From the drop-down menu, click on Internet Options;
  3. In the Internet Options window, click the Advanced tab (on the far right);
  4. Scroll down to the Security section;
  5. Remove the checkmarks next to Check for publisher's certificate revocation and Check for server certificate revocation;
  6. Click OK.

Now, I don't recommend running this way permanently. It turns off certificate revocation checking for every site on the Internet, not something I think you want. But, it does work as a test and, most importantly, it basically proves that your issue is, as jmwills said, related to your WHS2011 RWA certificate.

 

ps: I think this also pretty much proves that your phone's browser isn't checking for revoked certificates.

Share this post


Link to post
Share on other sites
g725s

OK, I was able to get to your RWA login screen. It's not the way it should be done, but it does prove that the site is available.

 

What I did was to simply turn off Revoked Certificate checking in Internet Explorer. Here's how:

  1. In the top-right corner of the IE window, click on the gear icon;
  2. From the drop-down menu, click on Internet Options;
  3. In the Internet Options window, click the Advanced tab (on the far right);
  4. Scroll down to the Security section;
  5. Remove the checkmarks next to Check for publisher's certificate revocation and Check for server certificate revocation;
  6. Click OK.

Now, I don't recommend running this way permanently. It turns off certificate revocation checking for every site on the Internet, not something I think you want. But, it does work as a test and, most importantly, it basically proves that your issue is, as jmwills said, related to your WHS2011 RWA certificate.

 

ps: I think this also pretty much proves that your phone's browser isn't checking for revoked certificates.

 

So what do you guys think is the best way to fix this certificate problem.  I probably won't have time for a couple of days now to really dig into it anyway  Thanks for all your help.  Funny thing I found post over on the Microsoft site where people with SE 2012 have similar problems recently with GoDaddy certificates around the same time as mine started.

Share this post


Link to post
Share on other sites
jmwills

Either rename the site or export the cert to a safe location, delete the one on the server, reboot and rebind the saved cert to the site.

Share this post


Link to post
Share on other sites
ikon

It's certainly possible that GoDaddy had an issue where they mistakenly revoked a bunch of valid homeserver.com certs. I would try jmwills recommendation. If that doesn't work, probably because of GoDaddy I suspect, I would go for a new homeserver.com name and brand new cert.

 

LOL, I just noticed your post from early this morning. I see we both had basically the same idea about turning off certificate revocation checking in IE :D

Share this post


Link to post
Share on other sites
g725s

or export the cert to a safe location, delete the one on the server, reboot and rebind the saved cert to the site.

 

I would like to try this method. Are there instructions for this somewhere?  Or specific term(s) I could search that might help me find some instructions how to do this.

 

Also, fyi, I do understand not to leave my browser with the security certificate setting I did to test the website.

Edited by g725s

Share this post


Link to post
Share on other sites
jmwills

I will try and write you up a how to.

Share this post


Link to post
Share on other sites
g725s

Update:   Problem Solved.  

 

Searching on the web I found on a Microsoft forum that others were having problems with the SSL security certificates that GoDaddy was issuing around the time I set my Remote Web Access up.

 

It was reported on this forum:

"The problem has been identified by Godaddy, which is the provider of SSL certificate for *.remotewebaccess.com. They are working on the fix and plan to release next week."

 

It was also noted on this forum that the same was true for *.homeserver.com SSL Certificates from GoDaddy during this first part of January 2015.

 

It was eventually advised on the Microsoft forum a week later that the problem had been fixed by GoDaddy and to just run the wizard again using the same name.

 

Of course my router is not UPnP friendly with the Remote Web Access wizard so I set it up myself manually with only Port 443 forwarded.  I did not run the wizard for my router or attempt to "repair" it either.

 

So I ran the Remote Web Access wizard again for my Domain. I "released" my domain *.homeserver.com and then set it up again with the exact same name. The wizard gives you the option to either create a new name or release your current name, I choose to keep the name I had before.  Now it works.  

 

I can now also view the https://YourServerName.homeserver.com from within my LAN where before I could not.

Edited by g725s

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  



×
×
  • Create New...