How to disable HTTPS on IIS 7.5

iis ssl-certificate iis-7.5 https certificate
9,399

IIS will send the traffic for a particular IP address to the site that is configured for that IP using port 443. SSL or HTTPS requires 1 IP per address (excluding wildcards). So if you have the IP of 127.0.0.1 bound to site1.com on 443 and site2.com on all IPs, then when you browse to https://site2.com you are still calling the same IP address regardless of the host headers, IIS will send you to site1 and throw the certificate warning.

To prevent that behavior, you need another IP for site2.com and bind each site to those IPs in IIS.

Share:
9,399
Darko Romanov
Author by

Darko Romanov

I'm a senior web developer, started to write programs on my epic Commodore 16 in the the early '80s Now I'm a qualified WordPress plugin developer with passion for visual computing.

Updated on September 18, 2022

Comments

  • Darko Romanov
    Darko Romanov over 1 year

    I have a IIS 7.5 on Windows2008, hosting a couple of dozen of sites.

    Two sites use HTTPS, we call them www.site1.com and www.site2.com

    Now the problem is that if I (for any reason) browse to https://www.site3.com the connection is not dropped as expected (by me) but the browser shows the alert of unsecure content, because the domain doesn't match the certificate.

    I don't know how to avoid this behavior and I wonder if it's even solvable.

    • Hamed
      Hamed over 10 years
      Sorry first of all what do you mean by connection is not dropped by me. i am assuming you have setup the correct host header for your sites. Next question is how did you setup your bindings?
    • Darko Romanov
      Darko Romanov over 10 years
      The binding of all sites are on port 80, except for two sites that have both 80 and 443. So, I'd expect that calling site3.com the connection was dropped, because www.site3.com doesn't have a binding on port 443.
    • Nathan C
      Nathan C over 10 years
      Do site2.com and site3.com resolve to the same IP?
    • Darko Romanov
      Darko Romanov over 10 years
      @NathanC yes, all sites have same IP.
    • Nathan C
      Nathan C over 10 years
      See stackoverflow.com/questions/5006714/… ...this is exactly your issue.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Generating self-signed, wildcard certificate for IIS 7.5 on .local domain
How to edit hostname in https binding on IIS 7.5?
IIS 7.5 Client certificate authentication
Continually getting https Certificate Errors on all browsers
The certificate is not trusted because no issuer chain was provided
IE9: Permanently accept untrusted certificate
Getting ASN1 bad tag error when trying to complete certificate request in IIS7
Assign CA certificate to Fortigate https WAN interface
How to set up an SSL Cert with Subject Alternative Name
Cannot add a self signed certificate in Firefox