Configuring Server Bindings for SSL Host Headers (IIS 6.0)

In addition to installing a wildcard server certificate on SSL-enabled Web sites, you must also configure the SecureBindings metabase property on each site so it contains the host header name of the site. All SSL-enabled sites that use the same IP/port binding and are distinguished only by host header name must use the same wildcard server certificate.

  Important

You must configure secure bindings for all SSL-enabled Web sites that use the wildcard server certificate to prevent unauthorized use of the certificate.

  Important

You must be a member of the Administrators group on the local computer to run scripts and executables. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run your script or executable as an administrator. At a command prompt, type runas /profile /user:MyComputer\Administrator cmd to open a command window with administrator rights and then type cscript.exeScriptName (include the script's full path and any parameters).

Procedures

To configure the SecureBindings metabase property for SSL host headers

1.

Click Start, click Run, type

cmd

in the Open box, and then click OK.

2.

Type the following command at the command prompt:

cscript.exe adsutil.vbs set /w3svc/<site identifier>/SecureBindings ":443:<host header>"

where host header is the host header for the Web site, for example, site2.contoso.com or site4.contoso.com.

Related Topics

For information about preventing unauthorized use of a wildcard server certificate, see Ensuring That Secure Content Is Served Over HTTPS Only.

For information about the SecureBindings metabase property, see SecureBindings Metabase Property.

For information about Adsutil.vbs, see Using the Adsutil.vbs Administration Script.



© 2015 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy & Cookies
Microsoft