Hit an interesting problem recently where certain SSL enabled websites would not load up on a Windows Server 2003 published desktop.
The browser used was Internet Explorer 8 and it didn't give us a meaningful error message. Just a generic and thoroughly unhelpful "Internet Explorer cannot display the webpage" error.
The website our users were trying to reach was the login page for Websense Secure Email.
https://voltage-pp-0000.secure-mailcontrol.com/login
To troubleshoot the issue, I installed Google Chrome on an affected server and visited the same website. Chrome was a lot more helpful and it told me that the SSL certificate was "corrupt". Hmm... Curious.
I was able to visit the website without any problems on my Windows 7 machine so I had a closer look at the certificate. On my Windows 7 machine, I could see that the Digest Algorithm was one from the SHA2 family (specifically SHA-256).
When the same fields on the certificate were viewed using the affected Windows Server 2003 machine, it was displaying something else - the OID instead of 'sha256RSA' and 'sha256' respectively for fields 'Signature algorithm' and 'Signature hash algorithm' that was displayed on my Windows 7 machine.
It was fairly evident by that point that the issue was down to lack of support for the SHA2 family of hash algorithms on Windows Server 2003.
The Fix
A quick bit of Google-fu led me to this KB article:
http://support.microsoft.com/kb/938397
However, instead of installing this update, I installed a later update (which includes a newer version of crypt32.dll):
http://support.microsoft.com/kb/2868626
Problem solved!