We had this situation other day with one of the IIS websites. We were troubleshooting SSL on the site, and after that we were able to resolve that SSL issue. However, we found that the site only works from within the server. But from outside, we were getting connection refused. We checked and re-checked certificates, certificate trust store, windows firewall rules, event logs and firewall logs, SNI, bindings but still same issue.

While checking ports, we observed that port 443 is in listening state only for IP address 127.0.0.1 but not for 0.0.0.0 (Note that 0.0.0.0 means all possible IP address,  only ipv4). So it would require to be listening on the same, so that clients can connect to it.Read More »