IIS Multiple Secure Site setup

Afternoon All,
      I have a client with a Server 2008 machine running IIS 7, this server is running 15-20 Secure webpages all running from a single SSL certificate (covering the multiple domains) We had a request to add a new domain to this server with the following secure.<newdomain>.com. we have had the certificate updated and the new SSL installed. We created the new site on Port 80 and this will start no problem. When adding the SSL 443 port to the domain we are no longer able to start the site, (we are also not able to add a host header to the 443 host binding....

We get the error: This Website cannot be started. Another Web Site may be Using the Same port.

A NETSTAT is showing that we have ~ 4 sites running on two different external addresses XX.XX.XX.91 and XX.XX.XX.81

I am not a Web/IIS Guy so please do not assume i have complete any previous steps correct to begin with,

Many thanks
LVL 5
ncomperAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

becraigCommented:
Try the following command for the new site:

appcmd set site /site.name:"<newdomain>.com" /+bindings.[protocol='https',bindingInformation='*:443:<newdomain>.com']
0
ncomperAuthor Commented:
Can i run that from the Cmd Line or will this need to be via Powershell?

Many thanks
0
becraigCommented:
you can run it from the command line just find the path where appcmd resides.
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

ncomperAuthor Commented:
Ok, i ran the command but this took down an existing site on the xx.xx.xx.91 IP address.
0
becraigCommented:
Can you run the following from powershell it seems there might be a duiplicated ip/port combination.

Import-Module webadministration
gci IIS:\SslBindings\


You can redact your ips in the output.
0
ncomperAuthor Commented:
Thanks for the response, i am getting a few issues when running the script (can not accept argument 'gci') but what i am able to obtain is the following

IP Address       Port Store
----------       ---- -----
192.168.200.81   443  MY
192.168.200.91   443  MY
192.168.200.92   443  MY
192.168.200.93   443  MY

From a Netstat :443
C:\Users\administrator.WEBSERVER>netstat -aon | find ":443"
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       4
  TCP    192.168.200.81:443     201.XXX.XXX.XXX:27611  ESTABLISHED     4
  TCP    192.168.200.81:443     201.XXX.XXX.XXX:27612  ESTABLISHED     4
  TCP    192.168.200.81:443     201.XXX.XXX.XXX:27648  ESTABLISHED     4
  TCP    192.168.200.81:443     201.XXX.XXX.XXX:27665  ESTABLISHED     4
  TCP    192.168.200.81:443     201.XXX.XXX.XXX:27666  ESTABLISHED     4
  TCP    192.168.200.81:443     201.XXX.XXX.XXX:27667  ESTABLISHED     4
  TCP    192.168.200.81:443     201.XXX.XXX.XXX:27684  ESTABLISHED     4
  TCP    192.168.200.91:443     81.XXX.XXX.XXX:61680       ESTABLISHED     4
  TCP    192.168.200.91:443     209.XXX.XXX.XXX:11886  ESTABLISHED     4
  TCP    192.168.200.91:443     209.XXX.XXX.XXX:21669  ESTABLISHED     4
  TCP    192.168.200.91:443     209.XXX.XXX.XXX:26060  ESTABLISHED     4
  TCP    192.168.200.91:443     209.XXX.XXX.XXX:30710  ESTABLISHED     4
  TCP    [::]:443               [::]:0                 LISTENING       4

Is this supplying any beneficial information?
0
becraigCommented:
Ok so based on the output:
192.168.200.81   443  MY
192.168.200.91   443  MY
192.168.200.92   443  MY
192.168.200.93   443  MY

This indicates you have 4 website bound on port 443 to different IP addresses.

You should be sure you are binding the new website to an IP address already in use eg:
appcmd set site /site.name:"<newdomain>.com" /+bindings.[protocol='https',bindingInformation='192.168.200.94:443:<newdomain>.com']


192.168.200.94 (if it's available would be a good address to configure and bind the new site to)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ncomperAuthor Commented:
Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSL / HTTPS

From novice to tech pro — start learning today.