通过 HTTPS 的 IIS 503“服务不可用”,HTTP 工作正常
[英]IIS 503 “Service Unavailable” over HTTPS, HTTP works fine
问题描述
I have a web site running in IIS 7.5.
我有一个在 IIS 7.5 中运行的网站。 When I access the site over HTTP, everything works fine.当我通过 HTTP 访问该站点时,一切正常。 When I run the site over HTTPS, I immediately get an HTTP 503 error "Service Unavailable".当我通过 HTTPS 运行站点时,我立即收到 HTTP 503 错误“服务不可用”。 The SSL certificate used on the site self-generated/self-signed.站点上使用的 SSL 证书是自生成/自签名的。
Here are the solutions that I've seen for similar problems that do not apply to this scenario:以下是我针对不适用于此场景的类似问题所见的解决方案:
- User identity is outdated用户身份已过时
- Reason: The same App Pool that runs successfully under HTTP is used with HTTPS原因:在 HTTP 下成功运行的同一个 App Pool 与 HTTPS 一起使用
- Reason: The same App Pool that runs successfully under HTTP is used with HTTPS
- App pool user's password changed应用程序池用户密码已更改
- Reason: The same App Pool that runs successfully under HTTP is used with HTTPS原因:在 HTTP 下成功运行的同一个 App Pool 与 HTTPS 一起使用
- Reason: The same App Pool that runs successfully under HTTP is used with HTTPS
- Set "Load User Profile" to false将“加载用户配置文件”设置为 false
- Reason: This is already set to false.原因:这已经设置为false。 Again, the same App Pool that runs successfully under HTTP is used with HTTPS同样,在 HTTP 下成功运行的同一个 App Pool 与 HTTPS 一起使用
- Reason: This is already set to false.
- .NET regiis .NET 注册表
- Reason: Site/.NET already runs successfully over HTTP, and the site never appears to hit the .NET code as the 503 error comes back immediately , even after an IIS reset, or web.config modification原因:站点/.NET 已经通过 HTTP 成功运行,并且站点似乎永远不会命中 .NET 代码,因为 503 错误会立即返回,即使在 IIS 重置或 web.config 修改之后
- Reason: Site/.NET already runs successfully over HTTP, and the site never appears to hit the .NET code as the 503 error comes back immediately , even after an IIS reset, or web.config modification
- Restart IIS重启 IIS
- Reason: I tried this原因:我试过了
- Reason: I tried this
- Restart app pool重新启动应用程序池
- Reason: I tried this原因:我试过了
- Reason: I tried this
- Site > Advanced Settings > Enabled Protocols > http, https站点 > 高级设置 > 启用的协议 > http、https
- Reason: I tried this原因:我试过了
- Reason: I tried this
2 个解决方案
解决方案1
21 已采纳 2018-04-30 15:39:10
The commenter Chad Cothern on this blog had the answer and linked to this Microsoft Blog by BretB. 此博客上的评论者 Chad Cothern 给出了答案,并链接到 BretB 的此 Microsoft 博客。 The problem in this case is that everything on port 443 has been reserved and "prevents W3SVC from obtaining the rights to listen on port 80 when it tries to start the site. Furthermore, applications that run in IIS do not need explicit reservations to run, only non-IIS applications have to reserve a URL namespace if they want to use HTTP to listen for requests."这种情况下的问题是端口 443 上的所有内容都已保留,并且“阻止 W3SVC 在尝试启动站点时获得侦听端口 80 的权限。此外,在 IIS 中运行的应用程序不需要显式保留即可运行,如果非 IIS 应用程序想要使用 HTTP 来侦听请求,则它们必须保留 URL 命名空间。”
Here are the steps to determine if this is the problem and how to resolve:以下是确定这是否是问题以及如何解决的步骤:
- Open the Command Prompt打开命令提示符
- Run:
netsh http show urlacl url=https://+:443/运行: netsh http show urlacl url=https://+:443/ - If something is there, then this is your problem.如果有什么东西,那么这就是你的问题。 Port 443 is completely reserved and is blocking IIS.端口 443 被完全保留并阻止 IIS。
- If there is a need to reserve port 443 for an application running outside of IIS, it needs to be registered with an application path (ie http://+:443/appPath )如果需要为在 IIS 之外运行的应用程序保留 443 端口,则需要注册一个应用程序路径(即http://+:443/appPath )
- If there is nothing there, then this might not be the issue.如果那里什么都没有,那么这可能不是问题。 No need to continue.没有必要继续。
- If there is a need to reserve port 443 for an application running outside of IIS, it needs to be registered with an application path (ie http://+:443/appPath )
- Run:
netsh http delete urlacl https://+:443/运行: netsh http delete urlacl https://+:443/ - Try running your application again.再次尝试运行您的应用程序。
Note, that you can also check port 80, or any other port using this method.请注意,您还可以使用此方法检查端口 80 或任何其他端口。 For instance if port 80 is reserved and 443 is not, then the site over HTTPS would work, while HTTP would not.例如,如果端口 80 被保留而 443 未被保留,那么通过 HTTPS 的站点可以工作,而 HTTP 则不能。
解决方案2
0 2021-03-17 21:17:13
I had a similar issue getting "503 “Service Unavailable”" over HTTPS, HTTP when I checked the console in Firefox.当我在 Firefox 中检查控制台时,我遇到了类似的问题,通过 HTTPS、HTTP 获取“503“服务不可用””。 Everything looked fine on the IIS side: SSL certificate, ports, site running, etc. I checked the modem port and realized it required port 443 forwarding enabled. IIS 端的一切看起来都很好:SSL 证书、端口、站点运行等。我检查了调制解调器端口并意识到它需要启用端口 443 转发。 Only port 80 was forwarding.只有端口 80 正在转发。 But because I was using a modem branded CenturyLink, the router's Remote GUI Management was using the port.但是因为我使用的是品牌为 CenturyLink 的调制解调器,路由器的远程 GUI 管理正在使用该端口。
Lesson learned, if you are using a router branded by CenturyLink or other company that does the same, maybe the same applies.经验教训,如果您使用由 CenturyLink 或其他具有相同功能的公司品牌的路由器,则可能同样适用。 Per the answer here in this link, do:每答案在这里在这个环节,做到:
Common error: "The defined port or port range is in use by another port forwarding or application rule."常见错误:“定义的端口或端口范围正被另一个端口转发或应用程序规则使用。”
If Port 443 is already taken by the router's Remote GUI Management.如果端口 443 已被路由器的远程 GUI 管理占用。 To free up that port:要释放该端口:
- Log in to the WiFi router.登录到 WiFi 路由器。
- Go into the Advanced section.进入高级部分。
- Click on Remote GUI on the left side menu under Remote Management.单击远程管理下左侧菜单中的远程 GUI。
- Enable Remote GUI and change the port to something other than 443 (such as 4433), then Save.启用远程 GUI 并将端口更改为 443 以外的其他内容(例如 4433),然后保存。
- Disable Remote GUI if you don't want it enabled, then Save.如果您不想启用远程 GUI,请禁用它,然后保存。
Conclusion:结论:
This solved my issue of "503 “Service Unavailable”" over HTTPS.这解决了我在 HTTPS 上的“503“服务不可用”问题。 Port 443 requires to be enabled.需要启用端口 443。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.