Configure IIS SSL host header using a UI

IIS has a feature that allows multiple sites to share the same port, but use different domain names. Unfortunately the IIS UI doesn’t let you do that with HTTPS sites that use SSL certificates. Host name is literally disabled when when you select HTTPS.

This is only a UI limitation and you can actually assign a hosting name using the `appcmd` command line application. But if you are like me you sometimes prefer a UI especially when doing the same thing repeatedly.

So I created IIS Buddy, it mimics the IIS user interface, but unlike the native UI it lets you assign host names to HTTPS SSL sites just as easily as you can assign host names to regular HTTP site.

Download IIS Buddy

Download IIS Buddy for .NET Framework 3.5

Here are some screenshots:

iis-budy-screenshot-1
iis-budy-screenshot-2
iis-budy-screenshot-3

Comments

  1. says

    Hey Trapias, thank you for your comment. Actually after I wrote this blog entry I found a way to do right in IIS. All you have to do is change the friend name of your certificate so that it starts with an asterisk:

    Select Start > Run
    Type “MMC”, hit enter
    Select File –> Add / Remove Snap-in
    Select Certificates
    Select Computer Account
    Select Local Computer
    Click OK
    Locate your SSL certificate
    Right click on the certificate, select Properties
    Edit the Friendly Name so that it starts with an *

  2. says

    Nice application. Dealing with sharepoint sites this really came in handy. I found that when I ran it from cmd line it was adding a new entry and when I would add the cert it would delete the hostname. I will stick with your app. Thanks.

  3. Anonymous says

    Nice tool you have created. Now I just follow the comment from Luis Perez about having a friendly name like *.mydomain.com, but until I figured that out, then your tool really helped me.

    Thanks a lot.

    Søren from Denmark

  4. says

    This just worked for my needs… Thank you for taking the time to create this tool. Much better than having to do this from the command line.

  5. says

    i hope you (or someone can help).
    This IIS Buddy seems very promising, but i would like to clarify a few things
    before i buy the wrong SSL or SSL SAN certificate.

    – I have a Windows Server 2008, IIS 7.5 VPS.

    – i need to add 3 SSLs for 3 different domains, enabling https on:
    d1.com, d2.com, d3.com (and also smtp.d1.com, imap.d1.com, for each)

    1. with IIS Buddy, can i configure 3 regular SSL certificates — 1 SSL for each domain?
    2. or do i need 1 SSL SAN certificate, that lists d1, d2, d3.com?
    3. or do i need 3 separate SSL SAN certificates, 1 for each domain + sub-domain?

    4. for the SAN SSL, should i include mail.d1.com as one of the SAN entries,
    or listing just smtp.d1.com and imap.d1.com the proper way?

    I understand that SSL SAN certificates are for multi-domains, but i’m a bit unclear
    on how they sell these certs.
    e.g. i see 1 SAN +4, does that mean 1 top level domain, + 4 sub-domains?

    Also, I realize this is way beyond the scope of a friendly comment, and i would be
    happy to paypal you some funds for a helpful response.

    I’ve been pulling my hair out trying come figure out a solution to this.

    many thanks.

Leave a Reply

Your email address will not be published. Required fields are marked *