I was setting up some IIS servers for use with Microsoft Azure MFA and thus after the basic setup was done I looked to hardening the web interface (well it is for an authentication system) so I turned off all the SSL protocols and also TLS1.0 as they have known vulnerability.
That done I moved on to other tasks and never tried to access the systems via IIS remote manager, until a few days back, when I wanted to check some settings on the MFA webSDK web app I had just added to the systems (note the servers run 2008R2 core thus have no GUI IIS manager on them).
As you can imagine I was some what perplexed that the IIS remote manager would not connect. RDP, powershell, remote mmc connections all worked so why did IIS manager not ?
After quite a lot of searching and getting the correct search terms in line, I found this forum thread.
http://forums.iis.net/t/1230207.aspx?IIS+8+5+Management+Services+and+disabling+TLS+1+0and it turns out that disabling TLS1.0 breaks IIS remote management, so if you ever get a message like
The underlying connection was closed: An unexpected error occurredthen it may be an idea to check what TLS options are enabled on the server you are trying to connect to.
No comments:
Post a Comment