Solved

Assign different certificate under IIS 7

Posted on 2014-01-03
3
756 Views
Last Modified: 2014-01-04
Any idea how to bind another certificate to a subsite which is difference from the certificate assigned to the Default website ? I can't see the "bindings" link when I click the subsite.

Tks
Default.png
Subsite.png
0
Comment
Question by:AXISHK
  • 2
3 Comments
 
LVL 38

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 100 total points
ID: 39755601
Nope. Make a different site instead of a folde in default site. Bind it to a different name. If you don't have one just add it to your hosts file.
0
 
LVL 62

Accepted Solution

by:
btan earned 400 total points
ID: 39755711
You can only have 1 SSL certificate per IP:PORT combination e.g. restricted to one server certificate per endpoint (ip-port combination) since the server needs to use a particular server certificate for all connections to that endpoint (there are some rfcs about how the client can tell the server such as SNI which certificate to choose but that is not implemented in iis7 but iis8 has it) - if a site is bound to multiple end-points, you can have multiple server certificate, one per endpoint.

Pls see http://blogs.msdn.com/b/benjaminperkins/archive/2013/02/01/adding-a-hostname-to-your-ssl-certificate-binding-on-port-443.aspx

Common tools used for binding beside the GUI, is the use of appcmd.exe. See "Binding to a Site (IIS 7)" http://technet.microsoft.com/en-us/library/cc731692.aspx

I saw from forum one sharing on their bindings (assuming not same ip-port combination)
http://forums.iis.net/t/1031240.aspx?Multiple+SSL+Certificates+on+a+Web+Site+in+IIS7

e.g. create two self-signed certificates, one for each website (www.teste1.com and www.teste2.com) and configured each certificate with its IP address and https protocol. Below is sample of bindings:

<bindings>
 <binding protocol="http" bindingInformation="192.168.1.3:80:www.teste1.com" />
 <binding protocol="http" bindingInformation="192.168.1.4:80:www.teste2.com" />
 <binding protocol="https" bindingInformation="192.168.1.4:443:" />
 <binding protocol="https" bindingInformation="192.168.1.3:443:" />
</bindings>

Now I can use two certificates in the same website, but only, I need to have two IP address to response to this website.
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 39756351
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

First of all, clustering IIS is something you should rarely consider doing. In almost all cases, Microsoft Network Load Balancing (NLB) (http://technet.microsoft.com/en-us/library/cc758834(WS.10).aspx) is a much better solution when you need to p…
Debug Tools to analyse IIS process: This article focus on taking memory dumps from IIS to determine which code is taking more time and to analyse which calls hangs/causes more CPU usage. To take dumps,download the following. Install1: To st…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now