Tuesday, March 31, 2009

How to setup SSL Host Headers IIS6

Host headers are used whenever you want to have multiple websites all on the same port, usually port 80 the standard http port. This can be configured in under Internet Information Services (IIS) Manager.






However in IIS Manager it does not let you configure host headers for SSL for websites listening on 443. Instead you need to use a vbs script provided by microsoft to achieve this. To do this perform the following:
· Create the website
· Setup your SSL Certificate as standard practices.

When you make changes in IIS Manager, it does not write them directly to the IIS Metabase, it simply stores them directly in memory. The IIS Service then does incremental updates to the IIS Metabase on a timed interval. To force the IIS Metabase to be updated with the new website you just created, run the iisreset program in a command prompt.

To setup the SSL host header we need the site identifier. To find this you need to open the IIS Metabase located by default in C:\WINDOWS\system32\inetsrv\MetaBase.xml



Find the name of your website for example "SharePoint - extranet80".





Under Location we have the Site Identifier, in this instance is 894944452.

There is a technet artical on how to Configuring Server Bindings for SSL Host Headers (IIS 6.0).

http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/8d9f2a8f-cd23-448c-b2c7-f4e87b9e2d2c.mspx?mfr=true

To bind the SSL Host Header for this site to extranet.citicpacificmining.com using the above article we would perform the following:
· Open a command prompt
· cd "C:\Inetpub\AdminScripts"
· cscript.exe adsutil.vbs set /w3svc/894944452/SecureBindings ":443:extranet.citicpacificmining.com"
· iisreset

If you navigate back to the MetaBase.xml file, you will notice that the SecureBindings string has changed:



Perform the same steps for each SSL webpage you want to configure a host header for.

1 comment:

  1. SSL certificates can provide you with non-forgeable proof of your website's identity, and customer confidence in the integrity and security of your online business.

    ReplyDelete