
Thread: IIS7 SSL Binding to All Addresses

Last post 11-06-2009 4:05 PM by anilr. 1 replies.


  • 11-06-2009, 2:22 PM

    • Kortekk
    • Not Ranked
    • Joined on 11-06-2009, 7:10 PM
    • Posts 1

    IIS7 SSL Binding to All Addresses

    My server has got IIS7 with two sites Site1 and Site2.  I have them each on their own distinct IPv4 address, each on their own separate certificate, and both are on port 443.

    The issue I am experiencing is that if I take Site1 offline, the server is still responding to ssl on that site's address and port - even though I cannot browse to the site via a web browser.  If I take both Site1 and Site2 offline, then the server no longer responds to ssl requests.  It looks to me like IIS7 is binding to all the addresses on the server.  If I create a new arbitrary binding on Site1 and run netstat, I see it being opened on the address bound to Site2.

    I have tried editing the applicationhost.config file to supply host headers to the ssl bindings since you cannot through the GUI.  I have also tried to create listener ip addresses using 'netsh http add iplisten'.  Nothing has helped so far.  Is there any way to close down the port when that particular site is brought down?

  • 11-06-2009, 4:05 PM In reply to

    • anilr
    • Top 10 Contributor
    • Joined on 05-23-2006, 10:13 PM
    • Redmond, WA
    • Posts 2,343

    Re: IIS7 SSL Binding to All Addresses

    Using the iplisten list, you will have to manually add/remove the ip from the list every time you stop/start the site.  You can however disable socket-pooling by using the DisableEndpointSharing reg-key described in this article.  This will cause http.sys to automatically stop listening to that ip when that website is stopped.

    Anil Ruia
    Senior Software Design Engineer
    IIS Core Server
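
A read-only check for the symptom discussed in this thread, added here as an example and not part of either post: it parses `netstat -an` output and flags a stopped site whose IP is still covered by a listener on port 443, which is what a wildcard `0.0.0.0:443` socket looks like when http.sys pools endpoints. The addresses, the site table and the function names are constructed for illustration; on a live server, pass the real `netstat -an` output and the real site states instead.

```powershell
# Constructed sample input (not from the thread): 'netstat -an' lines captured
# while Site1 is stopped, plus the IP each site's HTTPS binding is meant to use.
$netstatLines = @(
    '  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING'
    '  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING'
    '  TCP    192.0.2.11:443         198.51.100.7:50112     ESTABLISHED'
)
$sites = @(
    [pscustomobject]@{ Name = 'Site1'; Ip = '192.0.2.10'; State = 'Stopped' }
    [pscustomobject]@{ Name = 'Site2'; Ip = '192.0.2.11'; State = 'Started' }
)

function Get-TcpListener {
    # Return the local address of every LISTENING TCP socket on the given port.
    # Works for both 'netstat -an' and 'netstat -ano' (trailing PID is ignored).
    param([string[]]$Lines, [int]$Port)
    foreach ($line in $Lines) {
        if (($line -match '^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING') -and
            ([int]$Matches[2] -eq $Port)) {
            $Matches[1]
        }
    }
}

function Test-SiteExposure {
    # For each site, report whether its IPv4 address still accepts connections,
    # either through its own socket or through a wildcard (pooled) socket.
    param($Sites, [string[]]$Listeners)
    foreach ($site in $Sites) {
        $via = $Listeners |
            Where-Object { $_ -eq $site.Ip -or $_ -eq '0.0.0.0' } |
            Select-Object -First 1
        [pscustomobject]@{
            Site      = $site.Name
            State     = $site.State
            ListensOn = $via
            # A stopped site whose address is still reachable is the problem case.
            Unwanted  = ($site.State -ne 'Started') -and ($null -ne $via)
        }
    }
}

$listeners = @(Get-TcpListener -Lines $netstatLines -Port 443)
Test-SiteExposure -Sites $sites -Listeners $listeners | Format-Table -AutoSize
```

Running the same check after changing the IP listen list or disabling endpoint sharing shows whether the stopped site's address has actually stopped listening.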