
I need to revive an application so it can be safely archived by a third party before being phased out.

In order to do so without endangering the whole server, I want to force the user to authenticate before connecting, which means requiring TLS.

Unfortunately, the 443 port on that server (xxx.xxx.xxx.120) is taken by another application (a web mail system that uses its own HTTP server) so I added a new public IP to the server (xxx.xxx.xxx.120) and added a binding in IIS for port 443 on this new IP:

[Screenshot: IIS bindings for the web site]

I also made sure that the other app is NOT bound on 0.0.0.0:443 but uses the specific IP address.

Finally, I ran netstat -ano | find ":443" and got this:

TCP    xxx.xxx.xxx.120:443     0.0.0.0:0              LISTENING       3016
TCP    xxx.xxx.xxx.120:443     0.0.0.0:0              LISTENING       3016

xxx.xxx.xxx.120 is the initial server IP address, the new one being xxx.xxx.xxx.122.

For good measure, I also ran netstat -aon | Find "xxx.xxx.xxx.122:443" (the new IP) and got nothing back, as expected.

Unfortunately, when I try to start the web application, I get this error message:

Error message: The process cannot access the file because it is being used by another process. (Exception from HRESULT: 0x80070020)

This error is the one IIS throws if the IP:port it tries to bind to is taken, and yet netstat clearly says it is available.

What am I missing?

Edit: There are two events in the system event log when I attempt to start the service:

Log Name:      System
Source:        Microsoft-Windows-IIS-W3SVC
Date:          7/19/2014 11:59:44 AM
Event ID:      1004
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      xxxx
Description:
The World Wide Web Publishing Service (WWW Service) did not register the URL prefix https://XXX.XXX.XXX.122:443/ for site 2. The site has been disabled. The data field contains the error number.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-IIS-W3SVC" Guid="{xxxxx}" EventSourceName="W3SVC" />
    <EventID Qualifiers="49152">1004</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-07-19T09:59:44.000000000Z" />
    <EventRecordID>119596</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>xxxx</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="UrlPrefix">https://XXX.XXX.XXX.122:443/</Data>
    <Data Name="SiteID">2</Data>
    <Binary>20000780</Binary>
  </EventData>
</Event>

And

Log Name:      System
Source:        Microsoft-Windows-HttpEvent
Date:          7/19/2014 11:59:44 AM
Event ID:      15005
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      XXX
Description:
Unable to bind to the underlying transport for [::]:443. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine.  The data field contains the error number.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-HttpEvent" Guid="{xxx}" EventSourceName="HTTP" />
    <EventID Qualifiers="49152">15005</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-07-19T09:59:44.330234300Z" />
    <EventRecordID>119597</EventRecordID>
    <Correlation />
    <Execution ProcessID="4" ThreadID="88" />
    <Channel>System</Channel>
    <Computer>XXX</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="DeviceObject">\Device\Http\ReqQueue</Data>
    <Data Name="Address">[::]:443</Data>
    <Binary>0000040002003000000000009D3A00C0000000000000000000000000000000000000000000000000430000C0</Binary>
  </EventData>
</Event>
Stephane
  • Are you 100% sure your web application is correctly bound to the new IP? To be sure, and if you can, you could try to shut down the web mail HTTP server and start your web app, then run the `netstat` command again to check the binding... – krisFR Jul 18 '14 at 13:48
  • Yes, I'm 100% sure of the new web app binding. I'll add a screenshot of the binding in IIS. As for the webmail app, I don't see how (or why) it could fool netstat. – Stephane Jul 18 '14 at 13:53
  • There: I added the screenshot I promised – Stephane Jul 18 '14 at 14:58
  • Have you looked in your System event logs to see if anything was logged from either `Microsoft-Windows-HttpEvent` or `Microsoft-Windows-IIS-W3SVC` sources? – pk. Jul 18 '14 at 15:29
  • Yes, there are two events logged. I added them to the description of the problem – Stephane Jul 19 '14 at 10:09
  • What's in your registry key `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\ListenOnlyList` ? – krisFR Jul 19 '14 at 13:17
  • This key does not exist – Stephane Jul 21 '14 at 07:12

1 Answer


The IP address shown in the second event, "[::]:443", looks like IPv6. Perhaps both web applications try to bind all IPv6 addresses besides the IPv4 addresses you specified. Try disabling IPv6 temporarily to see if the issue disappears.

user3767013
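An added diagnostic script, not part of the question or the answer above, that gathers the HTTP.sys-side facts this thread asks about in one pass: every listener on port 443 with its owning process (so a dual-stack `[::]:443` listener is visible next to the IPv4 ones), the HTTP.sys IP listen list, the `ListenOnlyList` registry value mentioned in the comments, and a decoder for the 4-byte `Binary` field of the W3SVC 1004 event, whose value `20000780` is the little-endian form of `0x80070020`, the same HRESULT the question quotes. It uses only `netstat`, `netsh http` and the registry path given on the page; run it elevated.

```powershell
# Added example, not from the original post. Run in an elevated PowerShell.

function Get-Port443Listener {
    # netstat -ano lists both TCP and TCPv6 sockets, so a wildcard [::]:443 listener
    # shows up here; this attaches the owning process to each 443 listener.
    netstat -ano | Where-Object { $_ -match '\sLISTENING\s' } | ForEach-Object {
        $cols = ($_.Trim() -split '\s+')   # Proto LocalAddress ForeignAddress State PID
        if ($cols[1] -match ':443$') {
            $proc = Get-Process -Id ([int]$cols[4]) -ErrorAction SilentlyContinue
            [pscustomobject]@{
                LocalAddress = $cols[1]
                PID          = [int]$cols[4]
                # PID 4 (System) means HTTP.sys owns the socket, whichever IIS site
                # or other HTTP.sys client registered the URL prefix behind it.
                Process      = if ($proc) { $proc.ProcessName } else { 'unknown' }
            }
        }
    }
}

function Get-HttpSysBindingState {
    # An empty IP listen list means HTTP.sys binds the wildcards 0.0.0.0 and [::]
    # for every port it serves, not just the addresses configured in IIS bindings.
    netsh http show iplisten
    # URL prefixes currently registered with HTTP.sys (e.g. https://xxx.xxx.xxx.122:443/)
    netsh http show servicestate view=requestq verbose=no
    # Registry value asked about in the comments (absent on the poster's machine)
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\HTTP\Parameters'
    $lol = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).ListenOnlyList
    if ($lol) { "ListenOnlyList: $($lol -join ', ')" } else { 'ListenOnlyList: not set' }
}

function ConvertFrom-EventBinaryDword {
    # Decodes the 4-byte <Binary> data field of the W3SVC 1004 event, which holds
    # the error number as a little-endian DWORD, into its usual 0x-prefixed form.
    param([Parameter(Mandatory)][string]$Hex)   # e.g. '20000780'
    $bytes = [byte[]](0..3 | ForEach-Object { [Convert]::ToByte($Hex.Substring(2 * $_, 2), 16) })
    '0x{0:X8}' -f [BitConverter]::ToUInt32($bytes, 0)
}

Get-Port443Listener | Format-Table -AutoSize
Get-HttpSysBindingState
ConvertFrom-EventBinaryDword -Hex '20000780'
```

If the listener table shows a `[::]:443` socket owned by a PID other than 4, that process, not IIS, holds the IPv6 wildcard the 15005 event complains about; if it is PID 4, compare the `netsh http show iplisten` output against the addresses actually present on the machine.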