Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Apply SSL certificate to an web application only under IIS

Posted on 2016-07-26
Last Modified: 2016-08-04
On my Windows 2008 server, I have one web site in IIS which has many web applications.
Now I am in need to apply an SSL certificate (I mainly needed it for only one of web application).

Now If I apply the ssl Certificate to the web Site, I need to test all the web applications under it.
Is there any way by which the SSL certificate only applies to one web application under the web site which I wanted.

or one option is I keep Http and HTTPS both open for all web applications and just for one I write a URL rewrite rule  so that all the http request redirects to https.
Question by:yadavdep
  • 2

Assisted Solution

by:David Sankovsky
David Sankovsky earned 500 total points
ID: 41730651
an SSL certificate in IIS works on binds. if you can have specific bind to your app, you could bind only that fqdn to port 443, while the rest won't listen on it.
That way, you can protect only one application.
The rewrite should work for you as well.

Accepted Solution

yadavdep earned 0 total points
ID: 41730708
I am a bit confused here how to do it.
For example here is few of the application under my site. www.xxx.com/app1, www.xxx.com/app2, www.xxx.com/app3.

Now if I need to apply the ssl certificate only to www.xxx.com/app3 then what binding setting I should do for this?

Author Closing Comment

ID: 41742156

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Periodically we have to update or add SSL certificates for customers. Depending upon your hosting plan you may be responsible for the installation and/or key generation. In the wake of Heartbleed many sites were forced to re-key. We will concen…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

837 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question