Server is Windows 2012 Standard with IIS8.
We are trying to use the central certificate store for SSL certificates.
Initially we had 1 site (site1.com) with an SSL cert, and in the bindings we selected the certificate; we were not using CCS. This worked fine.
We put a second site (site2.com) on the server that would need SSL. So I generated the cert for this site, and then created .pfx certificates from the server for both websites.
I put both certificates in a file share, gave access to the web service account, and configured CCS settings to go to the file share, use the account to log in, and with the Certificate Private Key Password.
When I opened the Centralized Certificates on the web server, both certificates were listed.
All the appropriate information shows up in the other columns.
I then switched the binding on both sites to have Require Server Name Indication and Use Centralized Certificate Store.
Site 1 has
https site1.com 443 *
Site 2 had
Https site2.com 443 *
Once this was done, Site2 would come up fine through HTTPS. Site1 would come up and have a name mismatch, and when you looked at the certificate it would say it was using Site2's certificate.
I tried removing Server Name Indication, same result.
I tried restarting the IIS server, and rebooting the server entirely. Same result.
I then deleted the site2 certificates from the CCS file share, and in the server certificate manager. Rebooted.
In CCS configuration Site2 certificate is gone.
Site1 still shows the name error. I am not sure how it's even still using site2's certificate.
If I switch the https binding for site1.com, remove the Use Centralized Certificate Store option, and select the SSL certificate directly, it works fine.
If I turn CCS back on, with or without SNI, I get the name mismatch and it shows as using site2's certificate.
I'm looking to get this running so I can have multiple SSL/HTTPS sites running on this server, and I'm not sure where I went wrong, or how it's still using a cert I deleted.