Today I investigated a problem with IIS serving the wrong SSL certificate. My server runs two different web sites on the same interface but with different SSL certificates (because of the different hostnames). Even though I had set the right certificate for each site in its bindings window, IIS decided to use one certificate for both sites.
It would appear that, under the hood, certificates are bound to an IP address and port rather than a site. Since both sites used the same address and port, they got the same certificate. I worked around the problem by assigning one site to a different port, but that's not an ideal solution; I'm looking for something better.
No comments:
Post a Comment