Troubleshooting: Host headers in Microsoft Server 2013 IIS 8.0 & 8.5

Depending on your environment you may have the following Issues:

• Website A is coming up as website B.
• Unable to assign a certificate due to another website using the same IP or Port.
• Host Name when binding the certificate is grayed out.

Using Host Headers requires that the following conditions are met:

• You must be using either a Wildcard or a SAN certificate
• The website address being used must meet the following.
  • Include as a SAN value on the certificate.
  • The Common Name (CN) of the certificate
  • Be Covered by a wildcard
• Only one certificate can be used for a given IP address and port combination
• The friendly name of the certificate must have the wildcard * attribute in order to utilize a SAN or wildcard certificate.

To configure a host header for a website in IIS 7.0 & 7.5 perform the following.

Step 1: Ensure you have a friendly name associated with your Server Certificate.

1. Start > run > MMC.
   
2. Go into the Console Tab > File > Add/Remove Snap-in.
3. Click on Add > Click on Certificates and click on Add.
4. Choose Computer Account > Next.Note: When troubleshooting browser certificates such as client certificates, email signing certificates, CodeSigning, etc.. you will choose My user account instead and continue with the certificate snap in wizard.
5. Choose Local Computer > Finish.
   
6. Close the Add Standalone Snap-in window.
7. Click on OK at the Add/Remove Snap-in window.
8. You will be brought back into the management console where you will see your snap in where you can expand and right click the various folders or certificate so see options that are available to you.

You have successfully created a MMC snap-in to manage certificates on your server system.

Step 2: Assigning a friendly name to an SSL Certificate:

1. Under Personal > Certificates, Right click on your certificate you are focused on, and select Properties.
2. In the Properties pop up window, under Friendly Name check to see if a friendly name has been assigned to the certificate. If not then specify a friendly name of your choosing.
   Note: If you need to use host headers to assign an SSL certificate to a website add a wildcard to the certificates subdomain Examples: *.testcsr.com or *.yoursite.com
3. Click Ok.
   

You have now successfully assigned and changed a friendly name to an SSL Certificate.

Step 3: Editing your website to use host headers with a SAN or wildcard certificate. 

1. Go to Start > Administrative Tools > Internet Information Services (IIS) Manager.
2. In the left pane, Click the server name.
3. Click on the website you need to configure.
4. In the right Actions pane click Bindings
   
   
5. In the Site Bindings window. If there is no existing https binding, choose Add and change Type from HTTP to HTTPS.
   Note: If there is already a https binding, select it and click Edit.
   
6. From the SSL Certificate drop down, Select the Friendly Name for the SSL certificate that will be used for this site.
   
   
7. Click Ok.

Your SSL Certificate is now installed, and the website is now configured.

Additional Notes:

• If you do not specify an IP address when installing your SSL Certificate, the same ID will be used for all virtual servers created on the system.
• If you are hosting multiple sites on a single server, you can specify that the ID only be used for a particular server IP address.
• If you get this warning message:
  
  Visit our troubleshooting article for possibly resolutions: Troubleshooting: At least one other site is using Https binding and the binding is configured with a different certificate.

If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or an organization that supports it.

Microsoft Support

For more information refer to Microsoft.