Were I work, we have setup an iis that is going to serve all our various environments. Since we didn’t want to create various ports, we decided to add host name on the http binding of each site.
On of our sites though needed an secure logon page, so we came to this problem.
You cannot set host name on an ssl binding through Internet Information Services Manager
While looking on the internet I came across solutions that depend on the appcmd tools located in C:\Windows\System32\inetsrv
While from this tool you can create an ssl binding with hostname, you cannot specify the ssl certificate. If you do so, then if you edit the ssl binding to add the cerificate the host name gets lost.
While looking at the help of appcmd I understood that there is a way to edit the binding, as long as it can be found. I did some test and yes, the host name was added on an existing ssl binding, while keeping the ssl certificate.
Because it is somehow tricky to edit the binding from the appcmd, I created a batch file than can be reused. The file contains on line
call C:\Windows\System32\Inetsrv\appcmd set site /site.name:%1 /bindings.[protocol=’https’,bindingInformation=’*:443:’].bindingInformation:*:443:%2
- %1 is the site name
- %2 is the host name you want to add
If you would like some explaining, the first bindingInformation basicaly is a search filter that corresponds to a non declared host name and the second is the new value you want to set on the found one. The syntax is much like a dictionary search from C# and I can admit that once I understood it I liked it.
If the transaction is successful you will see a changed output. Most commonly if the filter is not right for whatever reason the appcmd will inform you that it could not find the specified binding
Finally the steps are to give an ssl binding host name are.
- Create the ssl binding with the certificate
- Run the above batch file with appropriated parameters as explained above
- Restart the site as various articles I read instructed, thought while I was playing I never needed it.
- Never edit the binding, because you will loose the host name. if you try to edit it, it won’t be displayed so don’t be alarmed as long as it is displayed in the bindings list