I am trying to create two different bindings on two different sites on IIS with C# from my website. Those two bindings need to be set with a certificate (a specific one for each binding). The problem is that the bindings are correctly created, but the two bindings are created with the same certificate.
Here is my code:
    using System;
    using System.Security.Cryptography.X509Certificates;
    using System.Threading.Tasks;
    using Microsoft.Web.Administration;

    public async Task AddBindings(string code)
    {
        await AddBinding("Website1", "website1.com");
        await AddBinding("Website2", "website2.com");
    }

    private async Task AddBinding(string siteName, string urlDomain)
    {
        using (ServerManager serverMgr = new ServerManager())
        {
            var site = serverMgr.Sites[siteName];
            // Look up the wildcard certificate for this domain by friendly name
            var certif = GetCertificate("*." + urlDomain);
            // Add an HTTPS binding on port 443 for the host, using the "My" store
            site.Bindings.Add("*:443:" + urlDomain, certif.GetCertHash(), "My");
            serverMgr.CommitChanges();
            serverMgr.Dispose();
        }
    }

    private X509Certificate2 GetCertificate(string nameStartWith)
    {
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.OpenExistingOnly);
        X509Certificate2 certif = null;
        // Keep the last certificate whose friendly name starts with the given prefix
        foreach (var certificate in store.Certificates)
        {
            var certifDate = DateTime.Parse(certificate.GetEffectiveDateString());
            if (certificate.FriendlyName.StartsWith(nameStartWith))
            {
                certif = certificate;
            }
        }
        store.Close();
        return certif;
    }
The "funny thing" is that in the function AddBindings, in this order, the two bindings are going to be created with the Website2 certificate, and if I change the order of the two rows it's going to use Website1.
Thank you very much for your help!
Your code definitely leads to that, because nowhere do you specify that SNI mappings should be used.
The correct function call you should make is this overload:
Add (string bindingInformation, byte[] certificateHash, string certificateStoreName, Microsoft.Web.Administration.SslFlags sslFlags)
You can read more about SNI mappings in Windows HTTP API from here.
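A sketch of the fix the answer points to, followed by a read-back check that each HTTPS binding carries the SNI flag and its own thumbprint. This is an added example, not code from the question or the answer; it assumes IIS 8 or later, .NET Framework 4.6+ and C# 7, and `SniBindings`, `FindCertificate` and `AddSniBinding` are hypothetical names.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography.X509Certificates;
using Microsoft.Web.Administration;

static class SniBindings   // hypothetical class name
{
    // Newest currently valid certificate with a private key whose friendly name
    // starts with the prefix (same matching rule as the question's code).
    static X509Certificate2 FindCertificate(string friendlyNamePrefix)
    {
        using (var store = new X509Store(StoreName.My, StoreLocation.LocalMachine))
        {
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
            var now = DateTime.Now;
            return store.Certificates.Cast<X509Certificate2>()
                .Where(c => c.HasPrivateKey
                         && c.FriendlyName.StartsWith(friendlyNamePrefix, StringComparison.OrdinalIgnoreCase)
                         && c.NotBefore <= now && now < c.NotAfter)
                .OrderByDescending(c => c.NotAfter)
                .FirstOrDefault()
                ?? throw new InvalidOperationException("No usable certificate for " + friendlyNamePrefix);
        }
    }

    // SslFlags.Sni makes the certificate mapping host-name based, so two bindings
    // on *:443 each keep their own certificate instead of sharing one mapping.
    static void AddSniBinding(ServerManager mgr, string siteName, string host)
    {
        var cert = FindCertificate("*." + host);
        mgr.Sites[siteName].Bindings.Add("*:443:" + host, cert.GetCertHash(), "My", SslFlags.Sni);
    }

    static void Main()
    {
        using (var mgr = new ServerManager())
        {
            AddSniBinding(mgr, "Website1", "website1.com");
            AddSniBinding(mgr, "Website2", "website2.com");
            mgr.CommitChanges();
        }
        // Read back with a fresh ServerManager: print the flag and thumbprint per HTTPS binding.
        using (var mgr = new ServerManager())
            foreach (var site in mgr.Sites)
                foreach (var b in site.Bindings.Where(x => x.Protocol == "https"))
                    Console.WriteLine("{0} {1} sni={2} thumbprint={3}", site.Name, b.BindingInformation,
                        b.SslFlags.HasFlag(SslFlags.Sni), BitConverter.ToString(b.CertificateHash ?? new byte[0]).Replace("-", ""));
    }
}
```

If two HTTPS bindings in the output show the same thumbprint, or `sni=False` on a shared `*:443` endpoint, clients of one site will be served the other site's certificate.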