We are a small company (its a Microsoft shop) we are currently using subversion with VisualSVN installed (pretty easy to setup btw) I am currently evaluating Mercurial because of branching nightmare in svn.

So first i followed http://www.firegarden.com/software/hosting-mercurial-repo-iis7-windows-server-2008r2-x64-python-isapi-cgi with latest mercurial source code 1.9.2 and python 2.7 got the below error

Failed to import callback module 'hgwebdir_wsgi'
The specified module could not be found.

so i scratched that and then i followed this http://www.jeremyskinner.co.uk/mercurial-on-iis7/ and it worked until i reached the step Enabling SSL which is where the problem is. i even setup ssl certs using OpenSSL http://www.dylanbeattie.net/docs/openssl_iis_ssl_howto.html still nothing. this is the error i get

URLError: [Errno 10054] An existing connection was forcibly closed by the remote host
[command returned code 255...]

Server side i have this hgweb.config

[collections]
C:\repository\hg = C:/repository/hg

[web]
#push_ssl = false
allow_push = *
baseurl = /hg
cacerts =

web.config

 <?xml version="1.0" encoding="UTF-8"?>
 <configuration>
<system.webServer>
    <handlers>
        <add name="Python" path="*.cgi" verb="*" modules="CgiModule" scriptProcessor="C:\Python27\python.exe -u &quot;%s&quot;" resourceType="Unspecified" />
    </handlers>
    <rewrite>
        <rules>
            <rule name="rewrite to hgweb" patternSyntax="Wildcard">
                <match url="*" />
                <conditions>
                    <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
                </conditions>
                <action type="Rewrite" url="hgweb.cgi/{R:1}" />
            </rule>
        </rules>
    </rewrite>
    <security>
         <requestFiltering>
           <requestLimits maxAllowedContentLength ="2147482624" />
        </requestFiltering>
    </security>
</system.webServer>
<system.web>
    <httpRuntime executionTimeout="540000" maxRequestLength="2097151"/>
</system.web>

client side hgrc

[paths]
default = https://webtest/hg/test/

[hostfingerprints]
webtest = 50:de:a4:d9:72:59:68:fd:91 ...

EDIT I tried to install MacHg on my macbook to test. i used http://machghelp.jasonfharris.com/kb/connections/how-do-i-add-a-server-certificate-or-fingerprint-for-https as walkthrough and it WORKS!! so this eliminates server(i.e.server can push & pull from both http & https) so now i am sure its my windows/TortoiseHg which has problem. (but following these steps for tortoiseHg gives me nothing :( )

EDIT2 One more finding... i can't even clone using https, it only works for http. I tried to clone one of codeplex projects using https and that works!...This is really frustrating

Am i missing something? any help will be appreciated.

Setting up certificates with Mercurial is described in https://www.mercurial-scm.org/wiki/CACertificates

On this page there is that note that says "use openssl, not IIS, to generate certificates" - apparently an IIS7 self-signed certificates does not validate in the SSL library used by Mercurial.

If you install TortoiseHg, your Mercurial certificates will be read from hgrc.d/cacert.pm. This means you must add your self-signed certificate here.

Otherwise, the most efficient way to get help troubleshooting your installation is via Mercurial IRC

It worked when i used Older version i.e. Mercurial 1.8.4. So i stopped investigating any further

Make sure you go into IIS SSL settings and check "ignore" on client certificates.

I'm just posting this for anyone else coming into the thread from a search.

There's currently an issue using the largefiles extension in the mercurial python module when hosted via IIS. See this post if you're encountering issues pushing large changesets (or large files) to IIS via TortoiseHg.

The problem ultimlately turns out to be a bug in SSL processing introduced Python 2.7.3 (probably explaining why there are so many unresolve posts of people looking for problems with Mercurial). Rolling back to Python 2.7.2 let me get a little further ahead (blocked at 30Mb pushes instead of 15Mb), but to properly solve the problem I had to install the IISCrypto utility to completely disable transfers over SSLv2.

I wrote up some detailed instructions for getting Mercurial to work under IIS. We're on Mercurial 2.6, and it works.