I have an existing cloud service which works well. It uses 2 endpoints (HTTP 80 & HTTPS 443).
I'm trying to add a new endpoint on port 4443 but it's not accessible; I get an ERR_CONNECTION_TIMED_OUT when I try to access my website on this port.
Here is the csdef:
<?xml version="1.0" encoding="utf-8"?>
<ServiceDefinition name="MyService" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition" schemaVersion="2015-04.2.6">
  <WebRole name="MyWebRole" vmsize="Small">
    <Sites>
      <Site name="Web">
        <Bindings>
          <Binding name="httpsN" endpointName="httpsN" />
          <Binding name="httpsIn" endpointName="httpsIn" />
          <Binding name="httpIn" endpointName="http" />
        </Bindings>
      </Site>
    </Sites>
    <Endpoints>
      <InputEndpoint name="httpsN" protocol="https" port="4443" certificate="myCert" />
      <InputEndpoint name="httpsIn" protocol="https" port="443" certificate="myCert" />
      <InputEndpoint name="http" protocol="http" port="80" />
    </Endpoints>
    <Certificates>
      <Certificate name="myCert" storeLocation="LocalMachine" storeName="My" />
    </Certificates>
  </WebRole>
</ServiceDefinition>
Your configuration is correct. You now have to make sure something is actually listening on that port in your Web Role.
Here's a remote desktop session into my Web Role, note the LISTENING state.
PS> netstat -an | select-string '443'
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING
TCP 0.0.0.0:4443 0.0.0.0:0 LISTENING
I faked two listeners with PowerShell:
$listener1 = [System.Net.Sockets.TcpListener]4443
$listener1.Start();
$listener2 = [System.Net.Sockets.TcpListener]443
$listener2.Start();
nmap scan from the Internet:
$ nmap -vvv -p 4443,443,80 multiendpointwebrole.cloudapp.net -Pn
Starting Nmap 6.47 ( http://nmap.org )
...
PORT STATE SERVICE
80/tcp open http
443/tcp open https
4443/tcp open pharos
All three listeners are reachable.
And the .csdef:
...
<Bindings>
  <Binding name="Binding1" endpointName="Endpoint1" />
  <Binding name="Binding2" endpointName="Endpoint2" />
  <Binding name="Binding3" endpointName="Endpoint3" />
</Bindings>
...
<Endpoints>
  <InputEndpoint name="Endpoint1" protocol="http" port="80" />
  <InputEndpoint name="Endpoint2" protocol="tcp" port="4443" />
  <InputEndpoint name="Endpoint3" protocol="tcp" port="443" />
</Endpoints>
...
Tested with protocol="https" for both ports and a proper certificate as well:
$ curl -kIi https://multiendpointwebrole.cloudapp.net/
HTTP/2 403
content-length: 1233
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 30 Jan 2018 20:13:27 GMT
$ curl -kIi https://multiendpointwebrole.cloudapp.net:4443/
HTTP/2 403
content-length: 1233
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 30 Jan 2018 20:13:43 GMT
// Ignore the 403, I had no index page.
Hey, free HTTP/2 support from Windows Server 2016! How nice of Microsoft.
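
The check the answer performs by hand (is something listening behind every endpoint the .csdef declares?) can be scripted. The following is an added example, not code from the original question or answer: the function names are hypothetical, the netstat capture is constructed to model an instance with no listener on 4443, and it assumes the instance listens on the same port number the endpoint declares.

```python
import re
import xml.etree.ElementTree as ET

NS = {"sd": "http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition"}
# Constructed sample: the question's service definition, trimmed.
CSDEF = """<ServiceDefinition name="MyService" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition">
  <WebRole name="MyWebRole" vmsize="Small">
    <Sites><Site name="Web"><Bindings>
      <Binding name="httpsN" endpointName="httpsN" />
      <Binding name="httpsIn" endpointName="httpsIn" />
      <Binding name="httpIn" endpointName="http" />
    </Bindings></Site></Sites>
    <Endpoints>
      <InputEndpoint name="httpsN" protocol="https" port="4443" certificate="myCert" />
      <InputEndpoint name="httpsIn" protocol="https" port="443" certificate="myCert" />
      <InputEndpoint name="http" protocol="http" port="80" />
    </Endpoints>
  </WebRole>
</ServiceDefinition>"""
# Constructed `netstat -an` capture from a role instance with nothing bound to 4443.
NETSTAT = """
  TCP    0.0.0.0:80       0.0.0.0:0        LISTENING
  TCP    [::]:443         [::]:0           LISTENING
  TCP    10.0.0.4:3389    10.0.0.9:50522   ESTABLISHED
"""

def declared_endpoints(csdef_xml):
    """Map each InputEndpoint name to (protocol, public port)."""
    root = ET.fromstring(csdef_xml)
    return {e.get("name"): (e.get("protocol"), int(e.get("port")))
            for e in root.iterfind(".//sd:InputEndpoint", NS)}

def dangling_bindings(csdef_xml):
    """Names of Site bindings whose endpointName matches no InputEndpoint."""
    known = set(declared_endpoints(csdef_xml))
    return [b.get("name") for b in ET.fromstring(csdef_xml).iterfind(".//sd:Binding", NS)
            if b.get("endpointName") not in known]

def listening_ports(netstat_text):
    """TCP ports that appear in LISTENING state in `netstat -an` output."""
    pattern = r"^[ \t]*TCP[ \t]+\S+:(\d+)[ \t]+\S+[ \t]+LISTENING\b"
    return {int(m.group(1)) for m in re.finditer(pattern, netstat_text, re.M)}

def endpoints_without_listener(csdef_xml, netstat_text):
    """Endpoints declared in the csdef that no process on the instance listens for.
    Assumes the instance listens on the declared port number (no port remapping)."""
    listening = listening_ports(netstat_text)
    return sorted(name for name, (_, port) in declared_endpoints(csdef_xml).items()
                  if port not in listening)
```

On the constructed data, `endpoints_without_listener(CSDEF, NETSTAT)` reports only `httpsN`, the port 4443 endpoint, while `dangling_bindings(CSDEF)` is empty because every Site binding names a declared endpoint.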