Host name for SSL bindings in IIS 7

September 5th, 2011 Leave a comment Go to comments

SSL Host Headers in IIS 7

Binding SSL certificate to an IIS 7 website is pretty straight forward using the IIS Manager interface.
Site bindings in IIS 7

But IIS disables the Host name field for the SSL bindings. This creates problems when you have one certificate for several of your domains and you need to distinguish them using host headers.

Although not very well documented, IIS does support multiple host headers for SSL bindings. Following are the steps to configure it.

  1. Install the SSL certificate on IIS (http://www.sslshopper.com/article-installing-an-ssl-certificate-in-windows-server-2008-iis-7.0.html)
  2. From the start menu select “Run”.
  3. Type “MMC” and hit enter; this will launch the Microsoft Management Console.
  4. Select File –> Add / Remove Snap-in.
  5. Select Certificates from the “Available snap-ins” list and hit the add button.
  6. Select the “Computer Account” option when asked which certificates the snap-in will manage.
  7. Click “OK”
  8. Look in the appropriate folder the certificate was originally installed in, if the certificate is self signed it can be found under “Personal”.
  9. Right click on the certificate name and select properties.
  10. Change the friendly name such that it starts with *
  11. Click “OK”.
  12. Now open the IIS management console and edit the site bindings for the website that you wish to define the host header. Select the certificate from the menu, you would see that the hostname field is now enabled, define you host header in this field.

    Site bindings in IIS 7 - hostname field enabled

  13. Repeat step 12 for all the sites this certificate should be used for.
  1. No comments yet.

Leave a reply

 
 
 


two + 4 =