Configuring a host name with a SSL Certificates in IIS 7

The estimated reading time for this post is 1 minutes

A customer asked me if I could help troubleshoot their SharePoint environment – they had extended a web application and configured it to use Forms Based Authentication (FBA) with SSL however they were getting errors when accessing the new site.

I started troubleshooting the configuration across all the servers in their SharePoint 2013 farm. I stepped through the configuration for the web application in Central Administration – reviewing the authentication provider settings and alternate access mappings. I then reviewed the web.config and made sure that the FBA settings were present and correct along with the IIS website bindings. This is when I noticed that there was no hostname against the https/443 binding –  the option to add one was also disabled.

IIS binding - host name disabled
IIS binding – host name disabled

After a little research, I found an article from ArmgaSys.  It turns out that my customer’s wildcard SSL certificate was issued without an * in the name, therefore, the hostname cannot be specified once the SSL certificate is selected. I followed the steps in this article from and the customer was able to access their SharePoint site without any errors this time.

IIS binding - host name editable
IIS binding – host name editable

A summary of these instructions are included below: –

  1. To resolve this and make the hostname field editable launch Microsoft Management Console (MMC) and open the Certificates snap-in.
  2. Locate the wildcard certificate, right click on it and select properties.
  3. If the Friend Name property doesn’t start with a * then add one and apply any changes you make.
  4. Now go back to IIS and select the SSL certificate in the bindings of the SharePoint website with the issue.
  5. The hostname field should now be editable where you should then enter the hostname for your SharePoint site.

Comments

Leave a Reply