IIS 7 Disabling "Require SSL"
Deployed an ASP.NET application to our internal production server as a virtual directory under the default web site. I had been getting 403 errors when trying to connect to it. So I verified the folder permissions and when I went to look at the IIS (7) SSL settings I saw that "Require SSL", "Require 128-bit SSL" and require client certificates have been enabled. This application does not need开发者_StackOverflow中文版 SSL.
The problem is that these checkboxes and radio buttons have been greyed out and I can't seem to figure out how to disable them. Also, in the upper right hand corner of the IIS manager, I see in the alerts box "The site does not have a secure binding (HTTPS) and cannot accept SSL connections.
How do I disable the SSL settings?
For anyone else having this issue, here is what I found that cleared the SSL configuration:
appcmd set config "Default Web Site" /section:access /sslFlags:None /commit:APPHOST
That was a bug in IIS Manager, the workaround is to temporarily add a binding using SSL so that the checkboxes become enabled, then uncheck them, and remove the ssl binding. ALternatively using AppCmd, or Configuration Editor (in IIS Manager) you should be able to achieve that as well.
Just open IIS Manager, navigate to the site using the Tree view, and double click Configuration Editor, then select system.webServer/security/access in the section list. Change that value to None.
If your application has no relationship to your Default Site in IIS, you should really create your own Web Site in IIS so that you are completely isolated from the settings you would inherit from running in a virtual directory.
In the Bindings for your new site, distinguish your site from the Default Site by using a different port or alternately use a different domain name, such as a sub-domain of the domain used by the Default site (requires your internal DNS to be updated to support this new domain).
精彩评论