IIS One Site with muliple bindings -- need more than one cert


#1

I’ve got the Certify The Web client running in production on our IIS Server for a few of our sites. But one of our sites has multiple bindings with a different domain name for each binding. And I will be setting up an IP Address for each binding. However the SSL Cert that is issued for this site has all the domains listed in the Subject Alternative Name field. What I really need is for there to be no visible association between the different domains. So I need a new cert for each domain even thought they run on the same IIS site.
Is there a way to accomplish this with Certify The Web?
Ken.


#2

Hi Ken,

Yes, this is fully supported, you need to create a new Managed Certificate for each set of domains:

  • New Certificate> select the IIS site
  • If the site has existing hostname bindings these will be suggested as the list of domain, uncheck the ones you don’t want on each certificate
  • continue certificate request as normal
  • repeat for each combination of domains

Note that we recommend against using a fixed IP per certificate unless you cannot use SNI bindinds. You will need the use the Single Site deployment option under Deployment and specify the IP for binding there. Alternatively you can have full control over bindings by deploying the first of each cert to the certificate store and manually create your https bindings, then set deployment to Auto.

Always use the Preview tab to review which bindings will be updated on next cert renewal (the bindings summary is at the bottom of the Preview page), to ensure it plans to update the bindings you expect it to, as there are many possible configuration combinations.


#3

Thanks for the fast response! I think I understand all of that and will give it a try. Unfortunately, my boss requires me to have a different ip address for each domain so customers, and others, cannot [easily] figure out that our sites are run by the same company.


#4

can I ask what the limit is for the free version please


#5

Hi, it’s currently 10 managed certificates and will start nagging you after you create the first couple. We may remove this limitation in the free version in the future.


#6

Thanks for the thread jack.