IIS SSL is taking all IPs although it is told not to

Question

I have a testing system where IIS Express on Windows 7 SSL website has to live together with Cerberus FTP server SSL website (Cerberus FTP has a built-in web server for HTTP uploads).

I have set up Windows to use two IPs from my router

• 192.168.1.128 (for IIS SSL Web Site, using a self-generated SSL certificate for now)
• 192.168.1.129 (for Cerberus FTP built-in SSL Web Site)

In IIS I have set web site binding to use only the IP 192.168.1.128. But still when I launch Cerberus, it says - cannot bind 192.168.1.129:443.

I tested in Firefox - indeed, when I go to 192.168.1.129 (or even localhost), I do not get “Unable to connect“ page as expected, but “The connection was reset” instead. IIS is still occupying those IPs, although it is not serving the website on those IPs.

When I stop the IIS website, Cerberus FTP Website launches without problems. But then I cannot launch IIS web site, it tells - "The process cannot access the file because it is being used by another process".

Why is IIS SSL web site still occupying all IPs?

Answer 1

Because IIS is a pro tool that tries to be efficient.

It does ONE binding to ALL addresses for the port number, then sorts things out internally in teh binding.

You do not want it? Set DisableSocketPooling.

http://support.microsoft.com/kb/892847

or b etter

http://msdn.microsoft.com/en-us/library/cc307219(VS.85).aspx

Basically, IIS uses http.sys - which any serious tool shou,d so a shame in the direction of Cerberus for ignoring windows core mechanisms - and you have to tell http.sys to only liten to specific addresses.

Setting up IIS7 and TomCat on single machine with multiple IP