-2

I have Windows Server 2012 R2 with IIS 8.5, and I am trying to configure two domains with two different SSL certificates. One domain works perfectly over HTTPS. The problem is that when I browse to the other domain, it gives me the following error:

Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for (domain2). The certificate is only valid for the following names: (domain1).

I have checked Server Name Indicator in the configuration, and I don't understand what the real issue is.
Do I need to configure something else?

  • Binding issues? Which we have no idea what you did set up because you do not believe in showing the configuration while asking what is wrong with it? – TomTom Apr 10 '20 at 10:59
  • 2
    Voting to close: Questions seeking installation, configuration or diagnostic help must include the desired end state, the specific problem or error, sufficient information about the configuration and environment to reproduce it, and attempted solutions. Questions without a clear problem statement are not useful to other readers and are unlikely to get good answers. – TomTom Apr 10 '20 at 10:59
  • Please review your HTTP API configuration https://docs.jexusmanager.com/tutorials/https-binding.html#background to locate any misconfiguration. – Lex Li Apr 10 '20 at 13:15

1 Answer

0

When working with SNI (Server Name Indicator), you need to have 2 names and 2 certificates.

Configure DNS name1 and issue a certificate to name1 (FQDN).

Configure DNS name2 and issue a certificate to name2 (FQDN).

Install both certificates in your local machine store.

Then in IIS, bind port 443 twice, checking the 'require server name indicator' checkbox on both bindings.

bind1: configure Name1 (FQDN) as HostName and pick the name1 certificate

bind2: configure Name2 (FQDN) as HostName and pick the name2 certificate

This should do the job.

CryptoDan
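The binding steps from the answer above, scripted with the WebAdministration module and followed by a check of the result. This is an added example, not part of the original answer; the site names `Site1`/`Site2` and the host names `name1.example.com`/`name2.example.com` are placeholders, and both certificates are assumed to be installed in the LocalMachine\My store already.

```powershell
# Added example. Site names and host names are placeholders (assumptions).
Import-Module WebAdministration

$sites = @(
    @{ Site = 'Site1'; HostName = 'name1.example.com' },
    @{ Site = 'Site2'; HostName = 'name2.example.com' }
)

foreach ($s in $sites) {
    # Newest unexpired certificate in LocalMachine\My whose DNS names include this host.
    $cert = Get-ChildItem Cert:\LocalMachine\My |
        Where-Object { $_.NotAfter -gt (Get-Date) -and
                       $_.DnsNameList.Unicode -contains $s.HostName } |
        Sort-Object NotAfter -Descending | Select-Object -First 1
    if (-not $cert) { throw "No valid certificate for $($s.HostName) in LocalMachine\My" }
    if (-not $cert.HasPrivateKey) { throw "Certificate for $($s.HostName) has no private key" }

    $existing = Get-WebBinding -Name $s.Site -Protocol https -Port 443 -HostHeader $s.HostName
    if ($existing) {
        # AddSslCertificate fails on a binding that already has a certificate,
        # so existing bindings are only reported, not modified.
        Write-Warning "$($s.Site): https binding for $($s.HostName) already exists, skipped"
        continue
    }

    # SslFlags 1 corresponds to the "Require Server Name Indication" checkbox.
    New-WebBinding -Name $s.Site -Protocol https -Port 443 -IPAddress '*' `
        -HostHeader $s.HostName -SslFlags 1
    $binding = Get-WebBinding -Name $s.Site -Protocol https -Port 443 -HostHeader $s.HostName
    $binding.AddSslCertificate($cert.Thumbprint, 'My')
}

# Check: list every https binding with its host name and SNI flag.
# A row with no host name or SniRequired = False is the one to look at first.
Get-WebBinding -Protocol https | ForEach-Object {
    $hostHeader = ($_.bindingInformation -split ':')[-1]
    [pscustomobject]@{
        Binding     = $_.bindingInformation
        HostNameSet = [bool]$hostHeader
        SniRequired = [bool]($_.sslFlags -band 1)
    }
}

# HTTP.sys view of the same bindings: SNI entries appear as "Hostname:port",
# non-SNI entries as "IP:port".
netsh http show sslcert
```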