SAN certificates and SharePoint

  • Article

 

What is SAN certificates.

 

A normal SSL Certificate protects only one Fully Qualified Domain Name. In a SAN Certificate several alternatives of common names can be placed in the 'Alternative Name field'.

 

 

To check if certificates is SAN you can open certificate and select subject alternate name under details it will lists lots of domains.

 

image

 

Now problem is how to update two sites in IIS manager so that they can run on 443 port.

If you try to start both on 443 one of them will stop.

 

To fix that you need to use AppCmd.exe

 

AppCmd.exe is located in the %systemroot%\system32\inetsrv\ directory. Because it is not path of the PATH automatically, you need to use the full path to the executable when executing commands like in "%systemroot%\system32\inetsrv\AppCmd.exe list sites". Alternatively, you can manually add the inetsrv directory to the path on your machine so that you can access AppCmd.exe directly from any location.

 

 

appcmd set site /site.name:"ABC" /+bindings.[protocol='https',bindingInformation='*:443:ABC.edu']

 

For more info on AppCmd refer to https://www.iis.net/learn/get-started/getting-started-with-iis/getting-started-with-appcmdexe