Gilly wrote on Sat, 29 Nov 2008 18:17:00 -0800:

> I have a single ssl website which can be pulled up on the browser using
> two methods: https://www.website.com and https://website.com. I
> currently have both a wildcard ssl certificate *.website.com and a
> normal ssl www.website.com. After install the wildcard ssl
> certificate, I can only get www.website.com to browse without a
> certificate error. When I use https://website.com the certificate
> throws an error of invalid certificate.

> How do I configure IIS 6.0 so that if a customer uses
> https://website.com and https://www.website.com that they do not get a
> invalid certificate message for either format?


You use 2 different IPs with 2 SSL certs mapped to the same physical file
structure (so they run as 2 different sites but pulling the same files from
the same location), or you get a cert with multiple CN parts in it
(www.website.com and website.com). Your problem is that *.website.com does
not match website.com - *. literally means "any characters followed by a
fullstop" and there is no fullstop at the start of your second URL; https://website.com
is not the same as https://.website.com (notice the . before the
website.com hostname).

This is not something that can be "fixed" with IIS6 using the certificate
you have - it's the browser that interprets the CN part of the certificate
and compares to the hostname in the request, all IIS6 is doing is sending
the SSL cert mapped to the IP and this is working as expected.

--
Dan