Solved

Assign different certificate under IIS 7

Posted on 2014-01-03
3
762 Views
Last Modified: 2014-01-04
Any idea how to bind another certificate to a subsite which is difference from the certificate assigned to the Default website ? I can't see the "bindings" link when I click the subsite.

Tks
Default.png
Subsite.png
0
Comment
Question by:AXISHK
  • 2
3 Comments
 
LVL 38

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 100 total points
ID: 39755601
Nope. Make a different site instead of a folde in default site. Bind it to a different name. If you don't have one just add it to your hosts file.
0
 
LVL 62

Accepted Solution

by:
btan earned 400 total points
ID: 39755711
You can only have 1 SSL certificate per IP:PORT combination e.g. restricted to one server certificate per endpoint (ip-port combination) since the server needs to use a particular server certificate for all connections to that endpoint (there are some rfcs about how the client can tell the server such as SNI which certificate to choose but that is not implemented in iis7 but iis8 has it) - if a site is bound to multiple end-points, you can have multiple server certificate, one per endpoint.

Pls see http://blogs.msdn.com/b/benjaminperkins/archive/2013/02/01/adding-a-hostname-to-your-ssl-certificate-binding-on-port-443.aspx

Common tools used for binding beside the GUI, is the use of appcmd.exe. See "Binding to a Site (IIS 7)" http://technet.microsoft.com/en-us/library/cc731692.aspx

I saw from forum one sharing on their bindings (assuming not same ip-port combination)
http://forums.iis.net/t/1031240.aspx?Multiple+SSL+Certificates+on+a+Web+Site+in+IIS7

e.g. create two self-signed certificates, one for each website (www.teste1.com and www.teste2.com) and configured each certificate with its IP address and https protocol. Below is sample of bindings:

<bindings>
 <binding protocol="http" bindingInformation="192.168.1.3:80:www.teste1.com" />
 <binding protocol="http" bindingInformation="192.168.1.4:80:www.teste2.com" />
 <binding protocol="https" bindingInformation="192.168.1.4:443:" />
 <binding protocol="https" bindingInformation="192.168.1.3:443:" />
</bindings>

Now I can use two certificates in the same website, but only, I need to have two IP address to response to this website.
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 39756351
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Expand customer access for public website. 9 62
IIS 7 Log 2 41
WebSite Direction 1 42
SSL certificate is expired on Windows 2012 server and How to generate a CSR 2 34
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question