Validating resources located at non public ip addresses
Check if the server certificate has the private key corresponding to it. Select the thumbprint section and click on the text below.
Refer the below picture: If private key is missing, then you need to get a certificate containing the private key, which is essentially a . There is a command that we could try to run in order to associate the private key with the certificate: If the association is successful, then you would see the following window: Note: 1a 1f 94 8b 21 a2 99 36 77 a8 8e b2 3f 42 8c 7e 47 e3 d1 33 is the thumbprint of the certificate. Do a "Ctrl A" and then "Ctrl C" to select and copy it.
Now let's assume the website is accessible over http and we get the above error when trying to browse over https.
If there is another process listening on that port then check why that process is consuming that port.
Therefore, if Fiddler is used to capture HTTPS traffic, the requests will succeed.
Registry keys As documented in https://support.microsoft.com/kb/2643584, there is a Send Extra Record registry value, which can: For Internet Explorer and for clients that consume IE components, there is a registry key in the Feature Control section, FEATURE_SCH_SEND_AUX_RECORD_KB_2618444, which determines whether or any other named application opts in to the new behavior.
This material is provided for informational purposes only. This document will help you in troubleshooting SSL issues related to IIS only.
Client Certificates troubleshooting will not be covered in this document.
In the non-working scenario, the client was configured to use TLS 1.1 and TLS 1.2 only.