SSL Wildcard Certificate enables Host Headers on SSL in IIS7

But not with the GUI… Sad smile

Here’s an example:

C:\Windows\System32\inetsrv>appcmd.exe list site
SITE "Default Web Site" (id:1,bindings:http/*:80:,state:Started)
SITE "borrowers" (id:2,bindings:http/109.235.146.120:80:borrowers.fasttrac.co.uk,https/109.235.146.120:443:borrowers.fasttrac.co.uk,state:Started)
SITE "lenders" (id:3,bindings:http/109.235.146.120:80:lenders.fasttrac.co.uk,https/109.235.146.120:443:lenders.fasttrac.co.uk,state:Started)

In order to get the host header bindings you need this arcane syntax for each website:

C:\Windows\System32\inetsrv>appcmd.exe set site /site.name:"borrowers" /+bindings.[protocol='https',bindingInformation='109.235.146.120:443:borrowers.fasttrac.co.uk']
SITE object "borrowers" changed

And in order to remove the existing https bindings:

C:\Windows\System32\inetsrv>appcmd.exe set site /site.name:"borrowers" /-bindings.[protocol='https',bindingInformation='109.235.146.120:443:']
SITE object "borrowers" changed

If you had previously bound to any IP (not a static one), the substitute ‘*:443:’ instead of ‘<ip address>:443:’

Check it all again with appcmd list site.

Impossible to remember, but easy to do…

Advertisements
This entry was posted in Systems and tagged . Bookmark the permalink.

3 Responses to SSL Wildcard Certificate enables Host Headers on SSL in IIS7

  1. alasdaircs says:

    To update the existing binding, use:

    appcmd.exe set site /site.name:”Site Name Here” /bindings.[protocol=’https’,bindingInformation=’*:443:’].bindingInformation:*:443:host.domain.here

    And replace “Site Name Here” and host.domain.here as appropriate.

  2. Justin says:

    When I do this it does create the binding and host header but does not select the right certificate. If I select the certificate the host header goes away.

  3. alasdaircs says:

    Once you start with the command line, you can’t go back to the GUI – it’ll break it for you.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s