A customer asked me if I could help troubleshoot their SharePoint environment – they had extended a web application and configured it to use Forms Based Authentication (FBA) with SSL however they were getting errors when accessing the new site.
I started troubleshooting the configuration across all the servers in their SharePoint 2013 farm. I stepped through the configuration for the web application in Central Administration – reviewing the authentication provider settings and alternate access mappings. I then reviewed the web.config and made sure that the FBA settings were present and correct along with the IIS website bindings. This is when I noticed that there was no host name against the https/443 binding – the option to add one was also disabled.
After a little research I found an article from ArmgaSys. It turns out that my customers wildcard SSL certificate was issued without a * in the name therefore the host name cannot be specified once the SSL certificate is selected. I followed the steps in this article from and the customer was able to access their SharePoint site without any errors this time.
A summary of these instructions are included below: –
- To resolve this and make the host name field editable launch Microsoft Management Console (MMC) and open the Certificates snap-in.
- Locate the wildcard certificate, right click on it and select properties.
- If the Friend Name property doesn’t start with a * then add one and apply any changes you make.
- Now go back to IIS and select the SSL certificate in the bindings of the SharePoint website with the issue.
- The host name field should now be editable where you should then enter the host name for your SharePoint site.