How to edit hostname in https binding on IIS 7.5?
The issue here is the way IIS identifies a wildcard certificate. It doesn't look in the Issued to
field but in the Friendly name
field of the certificate. That field has to start with the *
wildcard character.
You can change the friendly name without any consequences, start mmc.exe
as an elevated administrator and add the Snap-in for Certificates - Computer Account - Local Computer
Find the certificate in the Personal - Certificates
folder, open the properties dialog and change the Friendly name
to begin with a *
.
You may have to restart IIS Manager to see the new name.
The Host name
field should now be editable.
Related videos on Youtube
Robert Kerr
Updated on September 18, 2022Comments
-
Robert Kerr over 1 year
On Windows Server 2008 R2, the "Host name" box for editing the https binding is disabled. I'm unable to enable it so that I can enter the hostname for which to bind.
The certificate "issued to" field is in *.example.com format.
How does one enable the Host name box for editing?
EDIT: The proposed duplicate does not answer my ACTUAL question, which is "why is this box grayed out and not enabled?" Additionally, that question is dated, and does not consider an approach used here: https://blogs.msdn.microsoft.com/varunm/2013/06/18/bind-multiple-sites-on-same-ip-address-and-port-in-ssl/
-
Massimo almost 8 yearsPossible duplicate of Setup IIS 7.5 with multiple website bindings and SSL?
-
Massimo almost 8 yearsYou can't: SSL doesn't work that way (unless you use SNI, which is not supported on WS2008R2).
-
Robert Kerr almost 8 yearsYou sure? I"ve been trying to follow blogs.msdn.microsoft.com/varunm/2013/06/18/…
-
Peter Hahndorf almost 8 yearsIs the certificate you are using a wildcard cert? In that case the
Host name
field should be editable, if you are using a SAN certificate you have to use the command line to set the host name, the GUI is not smart enough. The article you are referring to explains all this. -
Robert Kerr almost 8 years@PeterHahndorf you are correct, and yes it is a wildcard certificate. The actual problem has turned out to be the "Friendly name" of the wildcard certificate must start with *, and asterisk. When that change was made in Certificate manager (via MMC plugins), the host name box became enabled. Note in my screenshot, the friendly name began with "Star". If you would create an answer that reflects that, I will accept it as the answer.
-
-
Milan Kerslager almost 6 yearsAs of IIS 7.5 (aka MS Server 2008 R2), it seems there could be only one certificate across all the web sites and (HTTPS) bindings. So if you have multiple websites/bindings (ie multiple domain names), you need one certificate with multiple DNS names (alternative DNS names). This is possible to have it from Let's Encrypt for free, for example by github.com/PKISharp/win-acme as "SAN certificate for all bindings of multiple IIS sites". Don'n forget to change friendly name as suggested above if you would like to edit bindings by GUI then.