Shulou(Shulou.com)06/02 Report--

IIS7 IIS7.5 IIS8

Wildcard certificate deployment

To import a wildcard certificate, you can enter IIS through MMC or IIS, set up a site with 2 sub-domain names, and then start binding

After selecting the wildcard certificate, you can enter the subdomain name on the host header, and then click OK to repeat the above process for another subdomain name site.

Multi-domain name certificate deployment

In IIS 7.x, if the wildcard certificate that starts with * is not selected in the binding, the column above the host header automatically turns gray (IIS8 does not have this problem), so the host header cannot be set. There are two solutions, the first is more convenient. Import the certificate, either through MMC or IIS. Enter MMC, find the certificate you just imported, select the attribute, and add a friendly name. For example, if the original www.myssl.cn is changed to * www.myssl.cn, make sure that the first character is *. In this way, IIS will determine that this is a wildcard certificate and allow the host header to be entered. The later sections refer to the wildcard certificate above.

IIS6

Check whether WINDOWS2003 has been upgraded to SP1 or above. If SP1 is not upgraded, the next steps will not be completed to ensure that the certificate used is a multi-domain name or a wildcard certificate. Both websites must use this certificate. If the CN and SAN of this certificate do not contain the domain names of the two websites, a warning will be issued to first install the SSL certificate for site 1 and configure the SSL port as 443 according to the normal process. For site 2, select assign certificate, select the certificate used by site 1, and configure the SSL port to a different port number (444445446.)

Please log in to the system with the local administrator and start the command line program "cmd". Run the following instructions:

Cscript.exe c:\ inetpub\ adminscripts\ adsutil.vbs set / w3svc/ site identifier / SecureBindings ": 443: host header"

When you go back to the IIS6 console and refresh it, you can find that the SSL port of website 2 has been changed to 443.

IIS server multi-domain name SSL certificate binding port 443 solution

By default, a server's IIS can only be bound to one HTTPS, that is, port 443.

To achieve multiple site corresponding HTTPS, only IIS configuration can be changed.

1. By default, a server's IIS can only be bound to one HTTPS, that is, port 443.

To achieve multiple site corresponding HTTPS, only IIS configuration can be changed.

First of all, assign each site a different port, such as 443.444.445. (the certificate must be multi-domain)

2. Then in: C:\ Windows\ system32\ inetsrv\ config\ applicationHost.config

find

Modified to:

Keep in mind that each site needs to be modified.

3. Then reselect the certificate on the iis site and restart the iis site.

Note: restart the iis site, do not restart the entire IIS server, or you will need to restart the above steps!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.