1

Let me start off my saying, IIS is not a strong point of mine. I had asked THIS question here, because i was trying to use 2 different certs on different sites. Scratch all that now, there is a new configuration.

I've purchased a UC cert, and given it all the necessary domains that i need. Here is my new question, I have 2 sites in IIS that both need to use the same cert, is this even possible? What do i need to do to make both sites work? Is there a 'host-headers for dummies' out there?

EDIT: I should mention that one of the sites is my Exchange 2007 site, and the other is a SharePoint site.

Community
  • 1
DanBig
  • 11,393
  • 1
  • 28
  • 53

2 Answers2

2

To do this you need to use SSL host headers.

The first thing to do is to setup all your sites in IIS for normal HTTP, so set them up, set them all to listen on the same IP with different host headers. I assume you have already done this with at least one site, as you have got your certificate already. Setup your certificate on one of your sites as you would do normally.

Next you need to setup SSL host headers on the other site, to do so run this command from the command prompt, in the C:\Inetpub\AdminScripts folder:

cscript.exe adsutil.vbs set /w3svc/<site identifier>/SecureBindings ":443:<host header>"

Replacing site identifier with your site ID that can be seen in IIS, and host header with the actual host header for this site.

This will then create an SSL host header for that site, that will use the certificate from the first site.

If you want a more detail explanation look here.

Sam Cogan
  • 38,158
  • 6
  • 77
  • 113
  • OK, I was having some issues this morning even getting the new cert to work, turns out the private key was missing. Once that was cleared up, my Exch2007 site is up and running with SSL, and all is well with that. Now, I'm unable to even start my Sharepoint site, because it complains about the ports being the same (80 and 443). So I should now run that command against my SP and all will be right in my IIS world? – DanBig Nov 12 '09 at 19:34
  • yes it wont start because you allready have Exchange using the IP for ssl, remove the SSL from your sharepoint site, then run that command. – Sam Cogan Nov 12 '09 at 19:46
  • OK, I've just run the script and it looks good. Sam, you are the man! – DanBig Nov 12 '09 at 19:46
0

For IIS 7, see http://www.sslshopper.com/article-ssl-host-headers-in-iis-7.html

For IIS 6, see http://www.sslshopper.com/article-how-to-configure-ssl-host-headers-in-iis-6.html

Robert
  • 1,575
  • 7
  • 7