Share via

"This page isn't working right now" ERR_EMPTY_RESPONSE in IIS but it does not make sense.

Hunter Glod 0 Reputation points
2023-03-13T14:25:24.82+00:00

I'm a Sales Engineer who manages our environment for Sales Demos for our company's software. Currently I am having issues within IIS when navigating to web pages via hostname of the server. Let me explain some background first:

  • The environment is composed of a VM in Azure, with an internal VM that lives on the Azure VM in Hyper-V. This internal VM is where IIS and our software is installed. All network traffic is forwarded from this external VM to the internal VM.
  • The Azure VM has a hostname of hostname.cloudapp.azure.com for example and the internal VM has a hostname of DEMOMASTER for example.
  • IIS has a Default Web Site which our software uses that is pointed at all the webpages in C:*SoftwareName*\Webs of DEMOMASTER.
  • This past year, I had to create a new SSL certificate for the server because I had to add some DNS names to the certificate for different aspects of how our software functions or I would get a certificate error. I had just created a self-signed certificate since this is a single host used solely for sales demos so I didn't see the point in purchasing a proper certificate from a big-name CA. I did so using the following PowerShell command in the code block below.
  • I have this certificate bound to port 443 in IIS for the Default Web Site. This certificate is also installed in the Personal store of the server for the computer account, as well as in the Trusted Root of my Demo Consultants for their user accounts.
  • We connect to this site by adding a DNS entry in our Windows host file.

Finally, onto my problem with some IIS website examples and errors:

  • When browsing to https://hostname.cloudapp.azure.com/idp for example, the site loads fine and has a trusted certificate as expected.
  • When browsing to https://DEMOMASTER/idp, I get the following error.User's image
  • When opening Fiddler Classic, and capturing web traffic, and browsing to https://DEMOMASTER/idp, it loads fine.
  • I cannot change the url to http://DEMOMASTER/idp, it automatically defaults to https://DEMOMASTER/idp even though I have Require SSL disabled in IIS for the Default Web Site under SSL Settings.
  • I added another DNS hosts entry (test) pointed at the same IP address for troubleshooting and threw a .asp file in the C:*SoftwareName*\Webs folder. I can browse to http://test/test.asp fine however trying to load https://test/test.asp, http://DEMOMASTER/test.asp and https://DEMOMASTER/test.asp, I get the same error as above.

I have spent months trying to Google and read up on this, contacted various coworkers (who all don't know) and I have run out of ideas. I have hit a point in the new version of our software for sales demos that this HAS to be resolved. The fact that I can open Fiddler, capture web traffic, and everything loads as expected is making me believe something is wrong with my SSL certificate somehow and Fiddler is decrypting the SSL traffic for me in a better way. If anyone has any ideas, I am open to trying them.

Thank you for taking the time to read this.

New-SelfSignedCertificate -Subject "DEMOMASTER" -NotAfter (Get-Date).AddMonths(360) -TextExtension @("2.5.29.17={text}DNS=DEMOMASTER&DNS=hostname.cloudapp.azure.com&IPAddress=*externalIP*&IPAddress=::1")
Windows development | Internet Information Services
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
9,051 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. MotoX80 36,401 Reputation points
    2023-03-14T00:07:51.55+00:00

    I created a cert using your command (with a dummy externalIP address) and added it to my default web site. I removed the HTTP binding to the site. I tried browsing the site from my main laptop and got the expected certificate warning. But I was able to click on the "proceed at your own risk" warning and the page came up.

    Then on the web server (a test Win10 VM) I exported the cert without he private key. Then I followed these instructions to import it into the Trusted Root Certification Authorities on the laptop.

    https://www.ntweekly.com/2020/08/31/make-a-self-signed-certificate-trusted-on-windows/

    The site then came up just fine with no warnings.

    User's image

    My hosts file has this entry.

    192.168.1.2 demomaster

    IIS bindings look like this.

    User's image

    Is the time of day clock on all machines correct? Have you double checked to see that your hosts file has the correct IP address?

    Check the application and system eventlogs on the server. Also check the IIS logs and the HTTP error logs in C:\Windows\System32\LogFiles\HTTPERR.

    Fiddler is doing a "man in the middle" intercept. Try hitting F12 in the browser and select the Network tab and see if that shows anything different (without Fiddler).

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.