In Windows Internet Information Services (IIS) you may receive the following error when assigning a certificate to a site binding.

“At least one other site is using the same HTTPS binding and the binding is configured with a different certificate. are you sure that you want to reuse this HTTPS binding and reassign the other site or sites to use the new certificate?”

Warning with IIS binding

This warning message occurs due to the following:
  • Only one certificate can be used for a given IP address and port combination.
  • Multiple websites on the server are using the same IP and port regardless of using multiple certificates.

In this situation the resolutions can be the following..

  • Assign each site a different public IP address in the public DNS.
  • If using the same IP for each site, assign different ports for https for each site.
  • If the systems allow’s it, Specifying the Host Name using host headers may resolve any conflicts with IP and Port configurations. Using host headers requires that following conditions are met:
    • The website address being used must meet one of the following on the certificate.
      • The Common Name (CN) of the certificate.
      • Be covered by the wildcard certificate.
      • Be included as a SAN value.

To configure host headers for a site in IIS, Perform the following Steps:

  1. Prior to continuing, please ensure the certificates Friendly Name starts with an asterisk (*). If you need to change the friendly name on the certificate to include the asterisk (*), please refer to solution: Troublshooting: Assigning a friendly name to an SSL Certificate in Windows.
  2. Go to Start > Administrative Tools > Internet Information Services (IIS) Manager.
  3. In the left pane, Click the server name.
  4. Click on the website you need to configure.
  5. In the right Actions pane click Bindings
  6. Host headers
  7. In the Site Binding dialog pop up box select the https binding for which you want to to configure and click Edit.
    Note: If you do not have an https binding yet click Add and under the Type drop down menu select https.
    Host Headers
  8. In the Site binding dialog box under Host name box, type a host header for the site, for example www.domain.com.
    Note: If the Host name option is grayed out you may need to apply a wildcard * to the friendly name of the certificate. The friendly name of the certificate must have the wildcard * attribute in order to utilize a SAN or wildcard certificate. To learn how to change the friendly name of a server certificate in a windows system visit. Troubleshooting: Assigning a friendly name to an SSL Certificate in Windows
  9. Under the SSL certificate Drop down box select the SSL certificate you wish to assign to this website.
  10. Click Ok.
    Host Headers

To use the same certificate with an additional website (using the same IP address and port combination), create and/or modify the binding on the site in question. Specifying the Host Name using host headers may resolve any conflicts with IP and Port configurations.

Your Websites and the direction of traffic should now work with the Host headers option

If this resolution does not work or the Host name option is grayed out will have to contact Microsoft regarding your unique environment.

LoadingAdd to favorites

About SSLSupportDesk:

SSLSupportDesk is part of Acmetek who is a trusted advisor of security solutions and services. They provide comprehensive security solutions that include Encryption & Authentication (SSL), Endpoint Protection, Multi-factor Authentication, PKI/Digital Signing Certificates, DDOS, WAF and Malware Removal. If you are looking for security look no further. Acmetek has it all covered!

Contact an SSL Specialist to get a consultation on the Website Security Solutions that can fit your needs.

Become a Partner and create additional revenue stream while the heavy lifting for you.