Modifying IIS 6 to allow subdomains using a wildcard ssl certificate to use port 443

History: By default, IIS websites cannot use the same SSL port (443) for a site using the same IP address. Websites with different IPs can all use port 443. This situation is typical of a standard SSL certificate which is issued to a single host header (ie: secure.website.com). Any other attempt to connect to a site via https through a different host header (ie: http://www.website.com) causes a certificate error (this is by design).

This becomes an issue when trying to install a wildcard SSL certificate. Wildcard certificates provide the ability to secure all subdomains on the root domain using a single certificate. (*.website.com) examples:

root domain – website.com

subdomains -admin.website.com, shop.website.com,etc

However, after you’ve installed a wildcard certificate and try to set up the subdomain to use SSL port 443, you will receive a Port In Use error. You will not be able to start the subdomain websites with the port set to 443. The IIS MMC (inetmgr.mmc) does not provide a method of resolving this so you must use the command line. (Start -> Run -> cmd)

You need to determine the site identifier of the subdomain you wish to modify. To determine <site identifier> Open IIS MMC, click on Web Sites and view the Identifier number next to the subdomain website. In the following script, replace <site identifier> with the number shown in the IIS MMC and change subdomain.website.com to the subdomain you wish to modify. Run the script with the modifications and you should now be able to browse to https://subdomain.website.com with no error.

cscript.exe c:\inetpub\adminscripts\adsutil.vbs set /w3svc/<site identifer>/SecureBindings ":443:subdomain.website.com"

if you have multiple subdomains, you could create a batch file to run the scripts.

Advertisements

2 Responses to Modifying IIS 6 to allow subdomains using a wildcard ssl certificate to use port 443

  1. Daniel Schealler says:

    Thanks for that – it was really helpful, right when I needed it too.

    For anyone else: Be careful copying and pasting from the site. You may wind up with slanted double-quotes instead of standard, straight up-and-down double quotes.

    This will cause a parameter error when you try and start one of your sites.

    I know this because I didn’t check the first time around and wound up confused as hell for about ten minutes.

  2. JayB says:

    Ya, sorry about that – all recent posts I’ve used <pre> tags around code to avoid that.. I guess I should go back and edit all my past posts. (just did this one)

    Glad it worked for you in any case.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: