SignalR app starts, runs on http but not on https: Unexpectedly closed connection

Question

I have a self-hosted SignalR application in a Windows Service built with VS2015 FW 4.6, SignalR 2.3.0. This has been working fine for more than 2 years using ports 6286 (https) and 6287 (http) and "*" for the IP. I wanted to switch these ports to 80 and 443 respectively and apply a wild-card certificate to 443. Since there are web sites using the certificate on IP 192.168.100.7 I added another IP address (192.168.100.3) to my server applied the certificate with:

netsh http add sslcert ipport=192.168.100.3:443 appid={12345678-db90-4b66-8b01-88f7af2e36bf} certhash=xxxxxxxxxxxxxxxxxxxxxxxxx

I can verify the success with:

netsh http show sslcert ipport=192.168.100.3:443

So I start the WebApps with the following:

SignalR = WebApp.Start("http://192.168.100.3:80/");
SignalRSSL = WebApp.Start("https://192.168.100.3:443/");

They seem to start fine, no errors and if I use http://192.168.100.3/signalr/hubs it works fine. However, https://192.168.100.3:443/signalr/hubs gives the "Unexpectedly closed connection" error.

What have I done wrong, is there something else to set for https?

Answer 1

My error... I was using the internal IP's and corresponding external IP's to test this. What I realized is that the wild-card certificate is not tied to an IP, it's tied to a domain! So, I created an A record for the IP with the wild-card's domain and it worked.

However, I now have a different problem in that it's trying to negotiate with the web server's domain and not the signalR domain to send a message!

https://webserverdomain/signalr/negotiate?clientProtocol=1.5....  

I don't know where it's picking the web server's name up but it's different enough that it's probably a topic for another post.