Re: Certificate Types

Daniel wrote to Gilly G on Tue, 2 Dec 2008 12:12:26 -0000:

Gilly wrote on Sat, 29 Nov 2008 18:17:00 -0800:

I have a single ssl website which can be pulled up on the browser
using two methods: and
I currently have both a wildcard ssl certificate * and a
normal ssl After install the wildcard ssl
certificate, I can only get to browse without a
certificate error. When I use the certificate
throws an error of invalid certificate.

How do I configure IIS 6.0 so that if a customer uses and that they do not get
a invalid certificate message for either format?

You use 2 different IPs with 2 SSL certs mapped to the same physical
file structure (so they run as 2 different sites but pulling the same
files from the same location), or you get a cert with multiple CN
parts in it ( and Your problem is that
* does not match - *. literally means "any
characters followed by a fullstop" and there is no fullstop at the
start of your second URL; is not the same as (notice the . before the hostname).

This is not something that can be "fixed" with IIS6 using the
certificate you have - it's the browser that interprets the CN part of
the certificate and compares to the hostname in the request, all IIS6
is doing is sending the SSL cert mapped to the IP and this is working
as expected.

Damn, David beat me to it. His reply wasn't showing up when I originally
checked the newsgroup ... :(