How To Set Up Multiple Websites Bound To The Same SSL Port In IIS On The Same Server

Once you have obtained SSL certificates for your domain names, you head over to the Internet Information Services Manager snap-in on you server, sure that it’s going to be a snap to set your websites up. You will quickly find that it is not all that apparent. Let’s say you have successfully installed siteA.com and siteB.com SSL certificates on the server and are trying to set up siteA.com and siteB.com using SSL port 443. You set siteA.com successfully choosing siteA.com certificate and it’s time to move to creating siteB.com. Now, when creating the binding to port 443, you naturally select the siteB.com SSL certificate in the drop-down, hit Ok, and… Bam! – you get this error:

“At least one other site is using the same HTTPS binding and the binding is configured with a different certificate. Are you sure you want to reuse this HTTPS binding and and reassign the other site or sites to use the new certificate?”

If you click yes, your siteA.com will get reassigned to siteB.com certificate and your customers will get the Domain Name Mismatch SSL error. Despite the fact that the domain name is different, you may be tempted to select siteA.com certificate for siteB.com. Well, if you did, you’ll get this error instead:

“The certificate associated with this binding is also assigned to another site’s binding. Editing this binding will cause the HTTPS binding of the other site to be unusable. Do you still want to continue?”

In this case, if you click Yes, your siteA.com will be stopped, while siteB.com will use siteA.com certificate and result in the Domain Name Mismatch SSL error. Try to start siteA.com and your siteB.com will need to be stopped.

So, how does one bind both sites to SSL port 443 and have them use their respective certificates? The answer lies in – yes, you may have so guessed it – IIS command tools which provide more control over IIS than the GUI snap-in does. In fact, all you have to do is run a command that explicitly binds your website to the domain name on the same port:

appcmd set site /site.name:"website name" /+bindings.[protocol='https',bindingInformation='*:443:host header']

And there you go – same server, same IIS, two different host headers – both on the same port 443 having their own SSL certificates.

This entry was posted in IIS and tagged , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *