Question

I developed an ASP.NET application that needs to run in multiple instances on my machine (IIS7). I need to set up SSL for each instance, but I lose the option to do binding to a specific host name (that option is only available with regular HTTP). So how do I differentiate the instances?

If I try to add more than 1 SSL binding I get the error "At least one other site is using the same HTTPS binding and the binding is configured with a different certificate (...)".

What to do?

Solution

The hostname information is part of the HTTP header, which is encrypted (and decrypted) by SSL, so in order to have several SSL websites you have to do either:

  • Use a wildcard certificate on all websites and use a host header to route to the correct one. Example: certificate for *.foo.com; sites: bar.foo.com and main.foo.com and void.foo.com

  • Or bind each certificate to its own IP

  • Or... use SSL termination from an accelerator device (ISA Server etc.)

OTHER TIPS

The question was specifically for IIS 7, however there is a new feature in IIS 8 that works with modern browsers called SNI that can assist with this.

http://www.iis.net/learn/get-started/whats-new-in-iis-8/iis-80-server-name-indication-sni-ssl-scalability

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow