Distribution Point site role not creating SSL site binding in IIS

[surfincow]

Hello,

 

Running into an issue with a newly deployed DP. It seems when the role is installed, its not adding the SSL bindings in IIS. I found one other report of this (https://social.technet.microsoft.com/Forums/en-US/ccea8475-09b4-4d59-8cbd-11e8e41debe7/distribution-point-site-role-not-creating-ssl-site-binding-in-iis?forum=configmanagergeneral). Unfortunately it looks like for this person some registry entries and adding the https binding fixed the issue.

 

I'm not sure what regedits might be missing, but I did manually add the binding and my IIS cert and I'm able to view the default IIS page over https. If i try to run a package from that DP it works; however, its going over HTTP rather than HTTPS, so something appears to be missing.

 

I'd prefer not to manually add/hack things because if it didn't install correctly by itself, who knows what might be broke. I've already removed the role and and site system, reboot the target machine then re-install the roles and no change. The DP is configured to use HTTPS and a DP PKI cert has been imported as well.

 

Any thoughts how to get this installed correctly? The only abnormal thing I can think of that I did was that I installed IIS (and the normal site system/distribution point) roles and features before installing the site system and distribution point. Looks like that's not required since the install and configuration of IIS is an option in the wizard. I'd guess if I was missing something regarding the IIS config that when the add roles wizard ran it would have fixed any mistakes (which I don't believe I did since the install logs look ok).

 

OS= 2012R2

 

Thoughts?

[surfincow]

Update:

 

Looks like things may be going over HTTPS rather than HTTP after all.

 

When I was looking at the Location Services.log it would reference the DP with http rather than https. Since our environment (except for fsp) is https, i expected to see https there. However, I blocked http traffic to and from the DP on this host and was able to install a package located on 1 DP that installed correctly and then 1 from the DP in question. I checked the DataTransferService.log and its showing the transfer using https.

 

So my question is, as things look like they are working correctly, is there anything else that should be checked to ensure nothing is missing on this DP's config to prevent an unknown issue from popping up in the future?

 

Thanks