• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 516
  • Last Modified:

Wildcard SSL binding issue on Windows 2008

I have a Windows 2008 R2 server which hosts many websites (probably 30-40).  Of those, maybe 15 are SSL enabled.  I am using a wildcard SSL certificate for *.lpga.com, and when I set up SSL enabled sites, in the IIS bindings, I set the binding type to SSL, select the wildcard certificate, and provide the hostname of the site.  This works perfectly and allows me to host multiple SSL websites using a single IP address.

The problem with this, however, is that IIS freaks out whenever I try to remove the SSL binding from a website.

So for example, let's say I have two websites set up in IIS:

Website 1 is configured for both http and https access using the hostname site1.lpga.com.

Website 2 is configured for both http and https access using the hostname site2.lpga.com.

If I go into the bindings for Website 1 and try to remove the https binding (leaving just the http binding) I get a warning prompt about other sites using the same SSL certificate and that removing the certificate will cause those sites to stop working.

I understand that the concept of hosting multiple websites on a single IP address using wildcard SSL works because the same certificate is being used for each binding, but what I don't understand is why IIS wants to remove the certificate from all websites using it if I just want to stop binding a single site to https using a given hostname.  That almost seems like a bug or design flaw.

Am I doing something wrong, or is there another way to do this, or is this just a flaw that I have to live with?
0
FWeston
Asked:
FWeston
  • 3
  • 2
1 Solution
 
balmasriCommented:
Configure SSL settings if you don't want your site to require SSL, or to interact in a specific way with client certificates. Click the site node in the tree view to go back to the site's home page. Double-click the SSL Settings feature in the middle pane.
  just disable using SSL for site1 as in the attached picture.SSL
0
 
FWestonAuthor Commented:
I'm not dealing with client certificates at all.  The image you posted doesn't seem to indicate SSL being disabled...the checkbox is checked to require SSL which would still leave http bound but would cause the user to get an "SSL required" error if they go to the http site.

What I'm trying to figure out is if I'm using wildcard SSL and have the same certificate bound to the same IP address on multiple IIS websites using different hostnames, and then I want to remove the https binding from one of those websites (and just make it a normal http site), how do I do it?
0
 
balmasriCommented:
This figure just to show you that you can configure ( enable & disable ) the SSL on site level.
0
 
FWestonAuthor Commented:
Right, but what I'm saying is the image you included has nothing to do with enabling or disabling SSL.  Those controls just choose whether to require SSL if it is already enabled.
0
 
FWestonAuthor Commented:
No solution.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now