The problem is that only one site can be bound to the https protocol and if I disobey that rule I get strange behaviour such as requests for site1 actually serving the page from site1.
How to host multiple secure sites on your local IIS
First, you should know that sites resolve which site to bind to based on:- Host header e.g. local.www.site1.com
- Port e.g. 443
- IP adress
In this scenario I really just want to change the host headers of the two https bindings for the different sites but IIS won't let me. But I have ways of persuading it...
Step 1:
Navigate your way to
C:\Windows\System32\inetsrv\config
where you may or may not see applicationHost.config. This is a very mysterious file, it's there but not, sort of. I've found that it can be edited in NotePad (but nothing else(?))Step 2:
Ctrl+F your way to "443:" and you should find your attempted 443 http bindings. In my case there are two and they both look like
<binding protocol="https" bindingInformation="*:443:" />
(Oh yeah they are exactly the same, lets change that.Step 3:
Change them to
<binding protocol="https" bindingInformation="*:443:local.www.site1.com" />
and <binding protocol="https" bindingInformation="*:443:local.www.site2.com" />
respectively.
Does work with separate SSL certs for each site? The way I understand it, IIS needs to know the cert in order to decrypt the host name and therefore what site to route the request to.
ReplyDeleteI don't think the host name is encrypted when using SSL
ReplyDeleteTried to use 2 certificates, but could not get this to work. All sites i created use the same certificate right now...
ReplyDeleteit can definitely work with only one certificate (providing the certificate is legitimate for your different sites e.g. a self-signed certificate in a dev environment). Should definitely work for 2 certs... This has guided many people successfully...
ReplyDeleteThis method does not work if you don't have the same wildcard or SAN certificate configured on each site. The host header IS encrypted when using SSL so IIS needs the same certificate to first inspect the host header and then send it to the correct site.
ReplyDeleteInteresting. Cheers for the extra info Frank!
ReplyDeleteJust so you know the set up that works for me is multiple websites on one machine (my development environment) with one self signed certificate shared between them all. NOT LIVE ENVIRONMENT!
From the comments it does look like this doesn't work in the same way when you have different SSL certs. Probably for the reasons Frank gave.
Please also note that you need to open the file applicationHost.config using a 64 bit version of Notepad see http://www.flos-freeware.ch/notepad2.html as the changes in the files are not always seen in the version of Notepad that ships with windows.
ReplyDeleteThank you for sharing a superb information. I am impressed by the details that you have on this blog.
ReplyDeleteHKTVmall For PC
Buy lactogen 3 price in pakistan at medisense with affordable prices. Shop Now!
ReplyDeletebuy insulin pen online from medisense at best prices. Order Now!
ReplyDeleteWe care your babies. buy baby care products In Pakistan at best prices from medisense. Order Now and Enjoy Free delivery.
ReplyDeleteExcellent read, Positive site, where did u come up with the information on this posting? I have read a few of the articles on your website now, and I really like your style. Thanks a million and please keep up the effective work,If anyone interested similar one's have a look here thanks.
ReplyDeleteshih tzu puppies for sale near me
buy puppy online
fuhrerschein-kaufen-schweiz