Since I continually find myself Googling this information whenever I add a new site on our wildcard cert, I figured I’d document it here.
Adding a New Binding:
Requirements:
- A wild card SSL certificate (of the form *.domain.com). I assume the cert is already installed on your server.
- An IP you wish to use on multiple IIS sites.
- Two or more IIS sites with no SSL binding (I’ll touch on changing a binding at the end).
With these in place, adding an SSL cert is quite simple:
- In an elevated command prompt navigate to
C:\Windows\System32\inetsrv
- Enter the following command (replace {SITENAME}, {IP}, and {HOSTHEADER} with the appropriate values).
appcmd set site /site.name:{SITENAME} /+bindings.[protocol='https',bindingInformation='{IP}:443:{HOSTHEADER}'] - Check the selected cert in IIS via the bindings window. You can change the cert here, but you cannot change the host header.
That’s it.
Changing an Existing Binding:
Changing a binding is similar to the adding binding with a few alterations to the command
appcmd set site /site.name:{SITENAME} /bindings.[protocol='https',bindingInformation='{IP}:443:{HOSTHEADER}'].bindingInformation:{NEWIP}:443:{NEWHOSTHEADER}
comments and from Methodic Madness
kblood: you can have multiple ip’s for the same machie. just add as many as you want and add an entry in your hosts file. it’s found in windows\system32\drivers\etc folde.
then do the binding as such and you can have as many ssl sites as you have ip’s