Monday, March 30, 2015

Upgrading to Windows 2012 R2 64-bit Part 1 of 2

I migrated the secondary server from Windows 2003 Standard 32-bit to Windows 2012 R2 64-bit since Win2003 is not supported anymore and it cannot handle SHA-2 SSL.  While my previous attempt to do the same on the virtual server went through like a breeze, doing it on the bare metal server took way much longer than I expected.

  1. The OS Reload took 2 hours to complete.
  2. Upon login, it looks like Softlayer did not install IIS by default unlike with the virtual server.  I had to manually search for the instructions and found this --
  3. After loading the programs, got tons of IIS errors.  I did several tests and eventually came to the conclusion that the problem was .NET 4.5 was installed prior to installing IIS.  So it has to be reconfigured in order for IIS to recognize it.  In the old days, it was just a simple call of aspnet_regiis.exe.  But it looks like Win2012 does not support that anymore.  Instead, it uses something called dism.  This link solved it --
  4. The above command also correctly installed the ASP.NET State Service.
  5. When the components look like they are working, I tried making test transactions.  I was getting some weird error message that I've never seen before.  After doing some Google research, and inserting lots of debug tracers, it turns out that Windows 2012 has IPv6 enabled by default.  So the Request.UserAddress was returning an IPv6 address instead of an IPv4 which, in turn, causes problem with the call to GeoIP.  The coding suggestion here worked --
  6. Then I installed the SMTP Server but could not log into it no matter what settings I was doing on the Firewall.  Then I remembered having this same problem a long time ago!  Its the McAfee Virus Scan that came with the bare metal server which was blocking SMTP access.  The virtual server does not come with McAfee so I did not have such problem.  Disabled spam checking at McAfee solved that.
  7. Now, I'm working on getting my SSL certificate re-issued under the newly loaded OS.  I followed this CSR generation instruction --  Now waiting for Geotrust to send me back my new certificate.
Sigh, the expected 2 to 3 hour maintenance is now running 6 hours and counting...

No comments: