I have a SAN certificate which has domains A, B C added to it. In my IIS, I've created a site instance for each of those domain.
I was only able to add https binding to one of the site instance. Surprisingly, https works for all those 3 domains. The confusing part is non-https traffics all goes to the correct domain, but https all the traffics goes to "the site" with https bindings on, instead of executing the code base in the corresponding domain!
> Eg. Assuming a SAN certificate contains www.a.com, www.b.com, www.c.com
> 1. create 3 separate site instance for www.a.com, www.b.com, www.c.com in IIS 7
> 2. Add https binding to www.a.com site
> 3. browse to http://www.b.com opens home page on b.com
> 4. browse to https://www.b.com opens home page on a.com!
Is it possible to use SAN SSL to secure multiple domains on one IP and port to resolve this issue?
After digging around, there is no way you can do it. When you create multiple site instance in IIS, you are only able to bind one of them to the IP with the certificate installed on. The way around it is