Solved

Assign different certificate under IIS 7

Posted on 2014-01-03
3
747 Views
Last Modified: 2014-01-04
Any idea how to bind another certificate to a subsite which is difference from the certificate assigned to the Default website ? I can't see the "bindings" link when I click the subsite.

Tks
Default.png
Subsite.png
0
Comment
Question by:AXISHK
  • 2
3 Comments
 
LVL 38

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 100 total points
Comment Utility
Nope. Make a different site instead of a folde in default site. Bind it to a different name. If you don't have one just add it to your hosts file.
0
 
LVL 61

Accepted Solution

by:
btan earned 400 total points
Comment Utility
You can only have 1 SSL certificate per IP:PORT combination e.g. restricted to one server certificate per endpoint (ip-port combination) since the server needs to use a particular server certificate for all connections to that endpoint (there are some rfcs about how the client can tell the server such as SNI which certificate to choose but that is not implemented in iis7 but iis8 has it) - if a site is bound to multiple end-points, you can have multiple server certificate, one per endpoint.

Pls see http://blogs.msdn.com/b/benjaminperkins/archive/2013/02/01/adding-a-hostname-to-your-ssl-certificate-binding-on-port-443.aspx

Common tools used for binding beside the GUI, is the use of appcmd.exe. See "Binding to a Site (IIS 7)" http://technet.microsoft.com/en-us/library/cc731692.aspx

I saw from forum one sharing on their bindings (assuming not same ip-port combination)
http://forums.iis.net/t/1031240.aspx?Multiple+SSL+Certificates+on+a+Web+Site+in+IIS7

e.g. create two self-signed certificates, one for each website (www.teste1.com and www.teste2.com) and configured each certificate with its IP address and https protocol. Below is sample of bindings:

<bindings>
 <binding protocol="http" bindingInformation="192.168.1.3:80:www.teste1.com" />
 <binding protocol="http" bindingInformation="192.168.1.4:80:www.teste2.com" />
 <binding protocol="https" bindingInformation="192.168.1.4:443:" />
 <binding protocol="https" bindingInformation="192.168.1.3:443:" />
</bindings>

Now I can use two certificates in the same website, but only, I need to have two IP address to response to this website.
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
Comment Utility
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Logparser is the smartest tool I have ever used in parsing IIS log files and there are many interesting things I wanted to share with everyone one of the  real-world  scenario from my current project. Let's get started with  scenario - How do w…
First of all, clustering IIS is something you should rarely consider doing. In almost all cases, Microsoft Network Load Balancing (NLB) (http://technet.microsoft.com/en-us/library/cc758834(WS.10).aspx) is a much better solution when you need to p…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now