A customer asked me if I could help troubleshoot their SharePoint environment – they had extended a web application and configured it to use Forms Based Authentication (FBA) with SSL; however, they were getting errors when accessing the new site.
I started troubleshooting the configuration across all the servers in their SharePoint 2013 farm. I stepped through the configuration for the web application in Central Administration – reviewing the authentication provider settings and alternate access mappings. I then reviewed the web.config and made sure that the FBA settings were present and correct along with the IIS website bindings. This is when I noticed that there was no hostname against the https/443 binding – the option to add one was also disabled.
After a little research, I found an article from ArmgaSys. It turns out that my customer’s wildcard SSL certificate was issued without an * in the name; therefore, the hostname cannot be specified once the SSL certificate is selected. I followed the steps in this article and the customer was able to access their SharePoint site without any errors this time.
A summary of these instructions is included below:
- To resolve this and make the hostname field editable, launch Microsoft Management Console (MMC) and open the Certificates snap-in.
- Locate the wildcard certificate, right-click on it and select Properties.
- If the Friendly Name property doesn’t start with a *, add one and apply any changes you make.
- Now go back to IIS and select the SSL certificate in the bindings of the SharePoint website with the issue.
- The hostname field should now be editable; enter the hostname for your SharePoint site.
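
The Friendly Name check from the steps above can also be scripted, which helps when the same certificate is installed on several servers in the farm. This is an added example, not code from the original article: the function name `Repair-WildcardFriendlyName` is hypothetical, and it assumes the wildcard certificate sits in the computer account's Personal store (`Cert:\LocalMachine\My`) and that PowerShell is running elevated.

```powershell
# Added example (hypothetical helper, not from the referenced article).
# Assumptions: certificate is in Cert:\LocalMachine\My; session is elevated.
function Repair-WildcardFriendlyName {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [string]$StorePath = 'Cert:\LocalMachine\My'
    )

    $simpleName = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName

    foreach ($cert in Get-ChildItem -Path $StorePath) {
        # Subject common name, e.g. "*.contoso.com" for a wildcard certificate.
        # Only the subject CN is inspected here, not the subject alternative names.
        $cn = $cert.GetNameInfo($simpleName, $false)
        if (-not $cn.StartsWith('*.')) { continue }           # not a wildcard certificate
        if ($cert.FriendlyName.StartsWith('*')) { continue }  # friendly name already starts with *

        # Prepend the asterisk; if the friendly name is empty, reuse the CN
        # (a choice made for this example, the CN already begins with "*").
        $newName = if ($cert.FriendlyName) { '*' + $cert.FriendlyName } else { $cn }

        $target = "$cn [$($cert.Thumbprint)]"
        if ($PSCmdlet.ShouldProcess($target, "Set Friendly Name to '$newName'")) {
            # For certificates read from the Cert: drive the change is saved to the store.
            $cert.FriendlyName = $newName
        }

        # Report every certificate that needed (or would need) the change.
        $cert | Select-Object Thumbprint, Subject, FriendlyName
    }
}

# Dry run first: lists the certificates that would be changed without touching them.
Repair-WildcardFriendlyName -WhatIf
```

Run it again without `-WhatIf` to apply the change, then reselect the certificate in the IIS binding as described in the steps above.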