I'm trying to set up a different website on IIS but it keeps wanting to use an SSL certifcate that is configured for a different website within the same IIS.
e.g. https://localhost:443 has a security certificate but i want to create http://localhost:98/
Steps I've done:
Created a new application pool
Created the website within IIS
Edited bindings to point to a specific IP address and port: e.g: http://123.456.789.10:98/
Edited binding for localhost to use a different port: 98 e.g: localhost:98/
What's happening is that now whenever I go to localhost:98 or the ip address, it keeps redirecting the site back to the website that has the SSL certificate for it
eg. I click localhost:98/ but it redirects to https://localhost/
What can possibly be incorrect with this setup? I had it working before but then when i tried to apply a different SSL certificate, it didn't work, i re-set up everything and it's constantly pointing to this situation.
Related
I have installed Godaddy Certificate with steps below
https://in.godaddy.com/help/manually-install-an-ssl-certificate-on-my-iis-8-server-4951
After adding in Binding on port 443, the website opens with https on the server machine.
When tried to access from outside machine, it shows this site cannot be reached.
It is still working with http everywhere.
Note - basic things are all done like restarting server.
I have created two sites on my server, on different subdomains. I have a SSL certificate I am binding to website A, running without problems. When I add binding to the same certificate on website B, it fails to run, saying
"This website cannot be started. Another web site may be using the same port."
When I remove the binding to :443 from website B and just leave http running at :80, it starts without problems (website A's http is also running on :443). What could be the problem?
Note: apparantely, the reason why both A nd B are capable of running on :80 is that they are also bound to different subdomains - however, the textbox for inputting website-specific subdomains is disabled when adding a binding to an SSL certificate.
I have a server which is hosting a domain named abc.com . I have an SSL certificate installed for this domain on server and abc.com require SSL. Now I have a sub domain say sub.abc.com which is secured by another SSL certificate.
Now this is what I did to bind. Clicked the main site abc.com in IIS and opened bindings. Now in bindings, I added https and for IP Address I gave All Unassigned. For SSL certificate I selected the SSL cert for abc.com.
Again for the sub domain binding I followed same steps but under IP Address I gave the IP (19.xxx.xx.xx) of my server. Under certificate I picked the certificate for sub.abc.com.
Now on a browser if I open sub.abc.com its working fine. But if I load abc.com then the site is loading with warning and its displaying the certificate of sub.abc.com instead of abc.com . In bindings I can confirm that I have mapped to correct certificate.
Not sure whats going wrong here. Any help highly appreciated.
If you are running IIS 8 and above, you can use SNI,
http://www.iis.net/learn/get-started/whats-new-in-iis-8/iis-80-server-name-indication-sni-ssl-scalability
You may also go for WildCard certificate i.e a certificate issues to *.abc.com for the root domain , this will not only simplify your deployment and will provide adequate security as well.
after enabling SSL Certificate IIS7.5 does not start Default site and above error occurred.
Probably you are configuring your host headers incorrectly. For SSL to work properly you need to actually define the domain name it will use, or bind the site to *443 which means all ssl requests on that particular ip would hit that site. Try doing a full restart, and if that doesnt work try and see if something is grabbing your SSL port.
I have a domain which we'll call www.mydomain.com for reference. I have a subdomain at m.mydomain.com for people who want to view the website via their mobile devices. My users are logging into this site so I wanted to protect their credentials if possible. Because of this, I purchased an SSL certificate.
I'm not an SSL certificate guru, so I may be misunderstanding something. I thought that I could have a single SSL certificate for my domain. However, when I attempt to access https://m.mydomain.com I get redirected to https://www.mydomain.com instead of seeing the content that is at http://m.mydomain.com. In other words, here is a list of my configurations and results pulled from IIS 7:
Site Name Binding Type Host Name Port IP Address Result via Browser
--------- ------------ --------- ---- ---------- -----------------------------------
MySite http 80 ww.xx.yyy.zz http://www.mydomain.com works fine
MySite https 443 ww.xx.yyy.zz https://www.mydomain.com works fine
MyMobileSite http m.mydomain.com 80 ww.xx.yyy.zz http://m.mydomain.com works
My first hunch was to add a new binding of type https to MyMobileSite on port 443. However, in the process, I noticed that I'm prompted to select an SSL certificate. I'm concerned that if I select the SSL certificate associated with MySite, it will break that binding. Once again, I do not fully understand SSL certificates. Can I use the same SSL certificate across multiple IIS Sites and multiple binding as long as they share the same domain? Can I go ahead and create the binding like I was thinking? My main concern is that I break something and being unable to reverse it.
Thank you!
no the fact is that certificates are used to verify that your not using someone else's ip (spoofing) i suggest using linux and self signed ssl certificates but if your using windows thats fine too just use ssl on all your domains as long as there on same (external) IP,
hope this helps.
PS SSL is just a way of making sure security encrypted protocols are in effect between server and client.
I always recommend having both :443 and :80 for everyone to choose how they connect except if you are running sensitive data streams for money transfers etc, then defiantly make sure it uses secure (443 port) and never port 80 (unsecured connection).
It all depends on the type of certificate you purchased. Usually your lower costs cretificates are tied directly to one domain/sub domain name. However there are certificates that you can buy for instance the
http://www.verisign.com/ssl/buy-ssl-certificates/subject-alternative-name-certificates/index.html
Depending upon your organizations policy on purchasing, i would almost just suggest buying a seperate one for the Mobile site