Multiple SSL sites in IIS

I needed to add a site to IIS and it had to use SSL for the connection. I had a wildcard certificate already installed on the server and now I needed to add the host in, the same way you would add a vhost entry if you were using Apache. As I found out, in IIS there’s no way to point and click your way to multiple sites on the same port, but there is with a bit of command-line action.

And it’s pretty easy to do. So first, add the new site in. In this example I’m using the trusted site:

Open up IIS and add a new website:

Go through the wizard. Step 1:

Step 2: Add our site name/descriptor:

Step 3: Enter the IP to use and the port (in this case it’s a vhost entry for testsite. It uses the same port and address as all the other sites on the server; the only difference is the name/prefix of testsite):

Step 4: Used the standard options and directory to keep it in:

Step 5: Done with that part.

Now, this site is a PHP site so I have to add in the standard options so the php extension is recognized and treated as code rather than text. So bring up properties for the site:

Migrate over to the “Home Directory” tab and change the execute permissions and then hit the configuration button:

In the list of extensions I don’t have my php extension, so I choose “add”:

Point to the location on disk of PHP and choose the extension to associate it with. I remember back in the day when you would specify php3 and php4 for the 2 different versions, could probably do that today, but I don’t care, the site uses simple php so whatever the default system version is fine for my needs:

Now back on the properties page, change over to the Documents tab. We want to add in index.php as the default root level page. So is really Or whatever you specify, default.php if you want, but I never was a big fan of the “default” verbiage. So I click add:

Then add in that index.php page

Now move it up the list so that if there’s an index.html and an index.php the php page will get chosen first, then hit “Ok”:

Now in the main IIS page, you need to collect a bit of info for the next part. The command line trick requires an identifier. To get it, click on the websites in the left panel and you’ll see a list of all your sites (not shown here) and identifiers. Find your new site and make a note of the identifier. Our new site is the only thing I showed here and the identifier has the red box around it:

Now open up an admin command prompt by right-clicking on Command Prompt and choosing to run it as administrator. Enter the command below, substituting the identifier from the last step for the number and your site name at the second arrow; the rest stays as is. When you execute it, it will show similar output if successful.
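
An added example, not the command from the original post: on IIS 6.0 the documented way to give a site an SSL host header is to set its SecureBindings metabase property with adsutil.vbs. The script assumes IIS 6.0 and the default AdminScripts location; its two arguments are the site identifier and the host name from the steps above.

```bat
@echo off
rem Added example (not from the original post).
rem Assumes IIS 6.0 with adsutil.vbs in its default AdminScripts folder.
rem Arguments: %1 = site identifier, %2 = host header (e.g. testsite.example.com).
setlocal
set "SITE_ID=%~1"
set "HOST_HEADER=%~2"
set "ADSUTIL=%SystemDrive%\Inetpub\AdminScripts\adsutil.vbs"

if "%SITE_ID%"=="" goto usage
if "%HOST_HEADER%"=="" goto usage

rem The identifier must be purely numeric; reject anything else.
echo %SITE_ID%| findstr /r "^[0-9][0-9]*$" >nul
if errorlevel 1 goto usage

if not exist "%ADSUTIL%" (
    echo adsutil.vbs not found at %ADSUTIL%
    exit /b 1
)

rem Print the current value first so it can be restored by hand if needed.
echo Current SecureBindings for site %SITE_ID%:
cscript //nologo "%ADSUTIL%" get /w3svc/%SITE_ID%/SecureBindings

rem Bind port 443 on all addresses to this host header.
rem "set" replaces any existing SecureBindings value for the site.
cscript //nologo "%ADSUTIL%" set /w3svc/%SITE_ID%/SecureBindings ":443:%HOST_HEADER%"
if errorlevel 1 (
    echo Failed to set SecureBindings for site %SITE_ID%
    exit /b 1
)

rem Read the value back to confirm the binding took effect.
echo New SecureBindings for site %SITE_ID%:
cscript //nologo "%ADSUTIL%" get /w3svc/%SITE_ID%/SecureBindings
exit /b 0

:usage
echo Usage: %~nx0 ^<site-identifier^> ^<host-header^>
exit /b 1
```

IIS 6.0 presents the certificate before it reads the Host header, so every site sharing this IP address and port 443 is served with the same certificate. That is why the wildcard certificate has to cover each host name you bind this way.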

And there you have it: you now have 2 sites (or many in my case) all on one webserver and all of them using the default 443 SSL port. It sends a user to the correct site based on whatever domain name the user has entered in the URL.


