IIS6: Web Site presenting the wrong SSL certificate

Posted by pcampbell on Server Fault See other posts from Server Fault or by pcampbell
Published on 2009-08-24T21:56:26Z Indexed on 2010/04/02 9:03 UTC
Read the original article Hit count: 1403

Filed under:

iis6

|

ssl-certificate

|

windows-server-2003

Consider an IIS6 installation with multiple Web Sites. Each is intended to be a different subdomain with its own cert (not a wildcard cert). Each has their host-header specified properly.

foo.example.com - port 443. Require SSL w/128 bit. Working properly! It presents its SSL cert properly to the browser. Configured for a specific IP address.
bar.example.com - port 443. Require SSL w/128 bit. Configured for all unassigned addresses. When inspecting the IIS property page, it fully shows the cert for bar.example.com on the View Certificate button. This is a NEW web site that is having cert problems. It's presenting the cert for foo.example.com. Ouch!

alt text

Question: can you have more than one subdomains both running on separate websites with SSL certs on the same port (443)? How would you configure 2 web sites on the same range of 'all unassigned' for the same port (443) ?

Update: ignoring the cert error, when browsing to https://bar, the content served is from https://foo site.

When NOT using SSL, browsing to http://bar serves the correct content from bar.

Just one address is assigned to this DMZ server.

© Server Fault or respective owner

Related posts about iis6

Best way to migrate from IIS6 to IIS6

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I need to move all my sites on a server with IIS 6 to another one, that has same OS (Windows Server 20003) and same IIS version. I'm trying to understand which is the best way to do it. Searching on Google I've found that there are at least 2 methods, one uses IIS Migration Tool, and another… >>> More
Best way to migrate from IIS6 to IIS6

as seen on Server Fault - Search for 'Server Fault'
Hi, I need to move all my sites on a server with IIS 6 to another one, that has same OS (Windows Server 20003) and same IIS version. I'm trying to understand which is the best way to do it. Searching on Google I've found that there are at least 2 methods, one uses IIS Migration Tool, and another… >>> More
IIS6 all websites displays another site when using https

as seen on Server Fault - Search for 'Server Fault'
I have the following websites set up in iis 6. site1.com site2.com site3.com Accessing site1 is via the address https://site1.com. Accessing site2 and site three should be through http. When I try to access https://site2.com it displays the website of https://site1.com. How can I stop this. I either… >>> More
IIS6 Log time recording problems

as seen on Server Fault - Search for 'Server Fault'
On three separate occasions on two separate servers at nearly the same times, 6.9 hours seemingly went by without any data being written to the IIS logs, but, on closer inspection, it appears that it was all recorded all at once. Here's the facts as I know them: Windows Server 2003 R2 w/ IIS6 Logging… >>> More
IIS6 - 301 permanent redirect response accessing an asp.net web site

as seen on Stack Overflow - Search for 'Stack Overflow'
I've installed an ASP.NET 2.0 virtual directory application on the default web site in IIS6 (Windows 2003 computer) with a Visual Studio generated web deployment setup. Unfortunately, following a successfull installation, I'm unable to access our web site. I get a permanent redirect from IIS as shown… >>> More

Related posts about ssl-certificate

import SSL Certificate from IIS to Tomcat

as seen on Server Fault - Search for 'Server Fault'
Can we import the IIS CSR to the java keytool? >>> More
PCI scan failure for SSL Certificate with Wrong Hostname?

as seen on Server Fault - Search for 'Server Fault'
A client had a PCI scan completed by SecurityMetrics, and it now says they failed due to the SSL certificate for the SMTP port 25 (and POP3s/IMAPS) not matching the domain scanned. Specifically: Description: SSL Certificate with Wrong Hostname Synoposis: The SSL certificate for this service is… >>> More
Setting up an SSL Certificate in Apache

as seen on Internet.com - Search for 'Internet.com'
When the HTTP protocol was designed, it was assumed that data transmission would be secure. Times have changed and network security has become much more important to us, especially for certain tasks. Sukrit Dhandhania shows you how to set up Secure Sockets Layer. >>> More
wildcard ssl certificate - exchange 2010 - POP/IMAP problem

as seen on Server Fault - Search for 'Server Fault'
previously we have requested a wildcard ssl certificate from godaddy for our major domain. one of the reasons was the new established exchange server 2010. usually you require following names included in certificiate: FQDN (e.g. mail.whatever.com) Hostname (mail) Domain name (whatever.com) Autodiscover… >>> More
SSL certificate fail apache

as seen on Server Fault - Search for 'Server Fault'
Hello, I have setup a certificate on Apache server. When I access my site's https pages, I see the certificate flashing (in FireFox's url tab) and disappearing immediately. The browser stays in the same windows (https) but now certificate info is not displayed and the connection is not encrypted… >>> More