Monday, March 14, 2016

How to install two SSL certificates on two root websites on the same IIS server?



I have two root websites on the same IIS server. I tried to create two HTTPS bindings for each of them:



(1) HTTPS, All unassigned, 443, www.site1.com, SSL issed to www.site1.com



(2) HTTPS, All unassigned, 443, www.site2.com, SSL issed to www.site2.com



I realised that it doesn't work. The two websites always end up using the same certificate. I was told that the two HTTPS bindings must use different port numbers. But this means that the clients of one of the websites will have to enter the port number in their URL. Very ugly.




How do I get over this problem?


Answer



If you want to use multiple websites on the same host with different certificates, you need SNI, Server Name Indication, from the client. Modern clients should support this. You also need to enable it on the server. Microsoft has instructions how to do this. Basically, you have to specify the host name and check the box "Require Server Name Indication", in addition to the normal setup.


No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...