As a new forum member I’ve had to add an extra ‘.’ in my example domains, because the forum thinks I’m posting too many links!
In testing CertifyTheWeb (great product BTW), we have a problem with it deploying bindings for wildcard certificates on wildcard domain names. I’m using DNS validation which works great.
Our Windows Server 2012 is running a couple of website applications, which due to needing domain name wildcards (each client has their own sub-domain, e.g. client1.app1…com, client2.app1…com and client1.app2…com, and these can dynamically change), some of our bindings have to have a blank hostname for each IP address. Due to some specific sites having different requirements, there are some hostnames with specific bindings. Here are examples:
1. IP 192.168.1.1:443, no hostname (so supports wildcard domain *.app1…com)
2. IP 192.168.1.1:443, foo.app1…com (specific site with own configuration)
3. IP 192.168.1.3:443, www.app1…com (specific site with own configuration)
4. IP 192.168.1.2:443, no hostname (so supports wildcard domain *.app2…com)
The problem CertifyTheWeb has is that because sites 1 and 4 have bindings with no hostname, a certificate for either *.app1…com or *.app2…com tries to update both sites, which of course means IIS stops one of the sites, due to duplicate bindings.
I have tried various combinations of deployment, which end up with either both sites 1 and 4 getting the same binding, or only sites 2 and 3 get their correct bindings.
Whilst I appreciate the simplicity of the Deployment Mode options, it would be great to be able to select multiple individual sites as a deployment, then I could select sites 1, 2 & 3 for one cert and then 4 for another cert.
Can you help me find a deployment config that works for wildcard domains?!