SSL Host Header with wildcard certificate on IIS7 solved
When adding a HTTPS site on IIS7, the Host header field is disabled. If you have one IP per site, as used to be the requirement, this is not a problem. But when you want to host multiple sites on one IP, it is a show stopper.
In my case I had a wildcard certificate, and ran into this when adding my second site. It was important not to cause any down-time on the already running site.
It turns out that IIS7 will disable the Host Header field when the name (friendly name) of the wildcard certificate is anything else than *.domain.tld. How unexpected.
The solution is to change the friendly name of the certificate. Luckily, renaming the certificate and adding a host name to any existing sites can be done without service interruption.
First, start the MMC (Start, Run, mmc) and add the Certificate snap-in.
Choose Computer account, and then Local computer.
Next, use MMC to browse to Certificates, Personal, Certificates, right-click the offending certificate and select Properties.
A friendly rename will not impact any running sites.
If the IIS manager is running, restart it (but no sites needs a restart). Now, magically, the Host header field is enabled.
Shame on you, Microsoft, for linking specific functionality to a non-specific name field.