Author Posts

March 4, 2016 at 9:46 am

Hi,

I am trying to bind a SSL certificate to a website but I just can't figure out what is wrong. When I run this it actually creates a binding but does not add the SSL certificate.

This is the error I receive:

new-item : Invalid SSL binding name, please use format 'IPAddress!port'.
At line:5 char:57
+ Get-Item -Path "Cert:\LocalMachine\My\$SSLthumbprint" | new-item -Path IIS:\SslB ...

March 4, 2016 at 10:57 am

I'm not sure it wants the host name in the binding, there. Keep in mind that with SSL, the entire socket is encrypted, so the actual host header doesn't get read out of the request, unless you've got slightly fancier stuff happening. So it's just the IP address and port, right?

March 4, 2016 at 11:08 am

Not an IIS expert but currently working through Learn Windows IIS in a Month of Lunches.

Do you already have a certificate bound to that IP address, perhaps on another website on the same server?

Each individual IP address can only have 1 certificate bound to it. So if you're binding the certificate to the host names but the host names all share an IP it won't work.

Each host name either needs its own IP address or you need a wildcard certificate or you can upgrade to IIS 8 which supports Server Name Indication (SNI).

March 8, 2016 at 9:33 am

Thanks Don!

I removed the host header and left it as the IP and port and it bound to the site properly. I appreciate the help