System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it 127.0.0.1:17001
Problem reported by Andrew Stein - 9/18/2015 at 8:52 AM
Submitted
I'm running 14 on Windows Server 2012 and IIS 8 
 
My SSL Cert was expiring, so I renewed and installed the new cert, then updated the bindings in the admin.  Afterwards, I could not access the website, either locally or on remote computers.  SMTP, POP, IMAP worked fine, however.
 
Eventually, I follwed the instructions on https://portal.smartertools.com/kb/a2903/system_net_sockets_socketexception-no-connection-could-be-made-because-target-machine.aspx
Changing MailServiceAddress to IPC fixed the problem.  However, I was wondering why this happened, and how I can avoid it in the future.  Apparently, every time I upgrade I'll have to remember to change the config file.

 

2 Replies

Reply to Thread
0
Bruce Barnes Replied
A couple of things to check:
  •  did you renew the cert via IIS, or add a new cert via IIS?
  •  did you import the new cert, and updated intermediate certs into the CERTIFICATE section of MMC?
  •  did you go to the SmarterMail IIS website and change the SSL certificate which binds to port 443 to the NEW SSL cert?
finally, have you tested your FQDN SmarterMail server name at https://www.ssllabs.com/ssltest/index.html to make certain that you have updated both the CIPHERS and SECURITY PROTOCOLS to DISABLE ALL SSL 1.0, SSL 2.0, and SSL 3.0, and enable TLS?
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
Andrew Stein Replied
I'm not sure if it is a certificate problem as I could not access the web page on unencrypted ports. Neither https:// nor http:// worked and gave me the same error. That includes trying to browse to http://127.0.0.1

However, after I switched the config to IPC, everything worked I also ran the SSL Labs test and came up with an A.

I feel like something got screwed up in IIS that rejected all traffic, encrypted or no. However, switching the config file to IPC fixed it. Unfortunately I don't know what that means or how I can switch back to 127.0.0.1.

Reply to Thread