Ssl – Windows Server 2012 unable to access specific SSL page

firewallhttpsnetworkingssl

This problem really boggles the mind.
I have a standard Windows 2012 server with windows firewall enabled.

Using Chrome, I am unable to access a certain HTTPS website while other HTTPS websites can be accessed without problems. Error: Time out.

Cannot access: "https://www.onlinepayment.com.my/MOLPay/"
Can access: google.com, paypal.com

Onlinepayment.com.my is accessible from home/office PC without issue.
From the server, I can ping to Onlinepayment.com.my.

I have tried allowing 443 port, disabled the firewall, use different browser (IE) and it all doesn't open the page.

I have tried asking the hosting company if they have a firewall in between, they said nope.

Best Answer

This is years late... but for those who run into issues with SSL certificates. There are a couple tests you can run which will give insight to what your issue might be.

Testing SSL Installations Using Bash:

  • Try to establish a connection with OpenSSL: 

    openssl s_client -connect www.onlinepayment.com.my:443

  • Test for redirects that may have a CN or SAN that doesnt match the certificate: 

    curl -I -L https://www.onlinepayment.com.my/MOLPay/

Testing SSL Installations Using Windows:

  • Per this stack, you can establish a connection to the server using powershell and get some information: 

    $response = Invoke-WebRequest -uri "https://www.onlinepayment.com.my/MOLPay/"
$response.BaseResponse
$response.RawContent.Split("`n")[0..20]
  • Digicert has a free application for windows which can scan internal or external sites to check the installed certificate. Run the exe and go to Tools > Check Install.

Other Tools:

  • Nmap is great for testing network issues:

    nmap -sV --script ssl-enum-ciphers -p 443 www.onlinepayment.com.my
  • The Qualys SSL Scanner can be used to review the quality and security of the connection. You can compare the results to Mozilla's recommended server configs if you're really zealous.
Related Topic