In IIS, SSL sites have seemed to be limited to one site per network interface, because IIS Manager does not let you specify a host header binding for the HTTPS protocol.

It turns out that this is only a limitation of the UI. So to have, e.g., two sites each with its own dedicated SSL certificate, we need to add a host header binding on port 443 using appcmd, managed code, or by editing the applicationHost.config file.

I like managed code the most, so I’ve written a small method in C# that does the trick. You need to have two SSL certificates named www.ssl1.com and www.ssl2.com installed on the machine. I just created a self-signed certificate for both of them using the IIS Manager.

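    using System.Security.Cryptography.X509Certificates;
    using Microsoft.Web.Administration;

    namespace IisSsl
    {
        class Program
        {
            static void Main(string[] args)
            {
                using (ServerManager _serverManager = new ServerManager())
                {
                    string siteName = "SSL2";
                    string certName = "www.ssl2.com";

                    X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
                    store.Open(OpenFlags.ReadOnly);

                    // Select the certificate named certName (friendly name or subject)
                    // instead of taking whatever happens to be first in the store.
                    X509Certificate2 certificate = null;
                    foreach (X509Certificate2 candidate in store.Certificates)
                    {
                        if (candidate.FriendlyName == certName ||
                            candidate.GetNameInfo(X509NameType.SimpleName, false) == certName)
                        {
                            certificate = candidate;
                            break;
                        }
                    }

                    Site site = _serverManager.Sites[siteName];
                    if (site != null && certificate != null)
                    {
                        // Binding information format is "IP:port:host header"
                        site.Bindings.Add("*:443:" + certName, certificate.GetCertHash(), store.Name);
                    }

                    store.Close();
                    _serverManager.CommitChanges();
                }
            }
        }
    }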

Remember to add a reference to C:\Windows\System32\inetsrv\Microsoft.Web.Administration.dll in order to use the ServerManager class.
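
To check which certificate each HTTPS binding actually ended up with after a change like this, the following added example (not part of the original post) lists every https binding on the server and resolves its certificate hash against the local machine store. It assumes the same Microsoft.Web.Administration reference and an elevated process; the class name BindingAudit is made up for illustration.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using Microsoft.Web.Administration;

namespace IisSsl
{
    // Hypothetical audit helper, not from the original post
    class BindingAudit
    {
        static void Main()
        {
            using (ServerManager serverManager = new ServerManager())
            {
                foreach (Site site in serverManager.Sites)
                    foreach (Binding binding in site.Bindings)
                        if (string.Equals(binding.Protocol, "https", StringComparison.OrdinalIgnoreCase))
                            Console.WriteLine("{0,-12} {1,-28} {2}",
                                site.Name, binding.BindingInformation, Describe(binding));
            }
        }

        // Resolve the binding's certificate hash to a certificate in the local machine store
        static string Describe(Binding binding)
        {
            byte[] hash = binding.CertificateHash;
            if (hash == null || hash.Length == 0)
                return "NO CERTIFICATE";

            string thumbprint = BitConverter.ToString(hash).Replace("-", "");
            X509Store store = new X509Store(binding.CertificateStoreName ?? "My", StoreLocation.LocalMachine);
            store.Open(OpenFlags.ReadOnly);
            try
            {
                X509Certificate2Collection found =
                    store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
                if (found.Count == 0)
                    return thumbprint + " NOT IN STORE";

                X509Certificate2 cert = found[0];
                string dnsName = cert.GetNameInfo(X509NameType.DnsName, false);
                string note = cert.NotAfter < DateTime.Now ? " EXPIRED" : "";
                // Exact comparison only: wildcard certificate names are not expanded here
                if (!string.Equals(binding.Host, dnsName, StringComparison.OrdinalIgnoreCase))
                    note += " NAME MISMATCH";
                return string.Format("{0} (friendly name: {1}){2}", dnsName, cert.FriendlyName, note);
            }
            finally { store.Close(); }
        }
    }
}
```

Two host header bindings on the same IP and port that report the same certificate, or a NAME MISMATCH flag, are the cases worth investigating before relying on the configuration.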