I use the software without problem for more than a year .I have 2 IP addresses and all dns and bindings pointing to one ip address for all sites.The other ip address is used for other use however .
But i use for the same ip , multiple domains (web sites) and different ssl .For example i use one ssl for one domain (and its subdomains) and another ssl for 5 domains (but same ip address) and a third one ssl for one more domain (same ip) .
This worked fine until now.But now on this ssl with 5 domains , i inserted one more domain and generated.I deploying with “Auto” setting enabled. Now all 6 webites not working and on description of browser the info says that all these 6 domains not using the new ssl, and not using also the old ssl , but now using the ssl of other single domain which existed on server !
I check on Binding settings on IIS and the bindings are correct ( i mean they pointing to new ssl) but the browser says that 6 websites pointing to other ssl .Not to the old ssl but to the ssl of other domain ! Any solution to this ? SNI is checked for all domains.It seems to be a bug
Hi, this is not a known issue in Certify The Web and I suspect your binding configuration is incorrect. There are hundreds of thousands of Certify The Web users and if there was a problem with SNI I would assume we’d have heard from other users as well.
The most common problem is that you can created a “Default SSL Binding” in IIS or you have otherwise customised the binding deployment settings (rather than using Auto). Generally the easiest way to find the problem is to check in the browser which domain the invalid certificate is actually for - this implies that is the website that has the wrong (non-SNI or IP specific) binding.
Make sure all of your IIS bindings are IP - All Unassigned, with SNI checked and hostname set.
Thank you for your help. Temporary i disabled all others ssl and i included all domains to one ssl so worked by this way .However i didnt bind all domains to all Unassigned but some of them was bind to specific IP .I mean more than one domain used the same IP with others but with different ssl .I will try to bind all domains to Unassigned and i let you know.
Also this problem maybe is IIS or server problem .I dont mean for sure is a Certify problem .I mean i have set the deploy to Auto and all SSL updated correctly to the correct domains by the Certify .But even on IIS shown correct (and updated) SSL for each domain , on browser, says that xxxx domain now using SSL from other domain (with same P) ! This is strange because info (and settings) from IIS are not agree with the results on browser.Also i restarted server and i will try again .Thank you !
I would advise not binding any certificate to specific IPs. This was required in old versions of Windows (Server 2008 and older) but is not required if SNI is available.
When windows has an IP specific binding it will take priority over other non-specific bindings.