Solved

Assign different certificate under IIS 7

Posted on 2014-01-03
3
777 Views
Last Modified: 2014-01-04
Any idea how to bind another certificate to a subsite which is difference from the certificate assigned to the Default website ? I can't see the "bindings" link when I click the subsite.

Tks
Default.png
Subsite.png
0
Comment
Question by:AXISHK
  • 2
3 Comments
 
LVL 39

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 100 total points
ID: 39755601
Nope. Make a different site instead of a folde in default site. Bind it to a different name. If you don't have one just add it to your hosts file.
0
 
LVL 63

Accepted Solution

by:
btan earned 400 total points
ID: 39755711
You can only have 1 SSL certificate per IP:PORT combination e.g. restricted to one server certificate per endpoint (ip-port combination) since the server needs to use a particular server certificate for all connections to that endpoint (there are some rfcs about how the client can tell the server such as SNI which certificate to choose but that is not implemented in iis7 but iis8 has it) - if a site is bound to multiple end-points, you can have multiple server certificate, one per endpoint.

Pls see http://blogs.msdn.com/b/benjaminperkins/archive/2013/02/01/adding-a-hostname-to-your-ssl-certificate-binding-on-port-443.aspx

Common tools used for binding beside the GUI, is the use of appcmd.exe. See "Binding to a Site (IIS 7)" http://technet.microsoft.com/en-us/library/cc731692.aspx

I saw from forum one sharing on their bindings (assuming not same ip-port combination)
http://forums.iis.net/t/1031240.aspx?Multiple+SSL+Certificates+on+a+Web+Site+in+IIS7

e.g. create two self-signed certificates, one for each website (www.teste1.com and www.teste2.com) and configured each certificate with its IP address and https protocol. Below is sample of bindings:

<bindings>
 <binding protocol="http" bindingInformation="192.168.1.3:80:www.teste1.com" />
 <binding protocol="http" bindingInformation="192.168.1.4:80:www.teste2.com" />
 <binding protocol="https" bindingInformation="192.168.1.4:443:" />
 <binding protocol="https" bindingInformation="192.168.1.3:443:" />
</bindings>

Now I can use two certificates in the same website, but only, I need to have two IP address to response to this website.
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39756351
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question