我正在尝试让我的两个站点在 Windows Server 2012 R2 上使用单独的证书运行。
这不可能吗?
在最后添加的站点 www.c1get.net 上,我从第一个站点获取了证书,因此收到警告。
更新
SSL Certificate bindings:
-------------------------
IP:port : 0.0.0.0:443
Certificate Hash : fabae896e032f9ba08b389d8c9ecd33908fabe31
Application ID : {4dc3e181-e14b-4a21-b022-59fc669b0914}
Certificate Store Name : My
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
IP:port : 100.88.158.59:443
Certificate Hash : 09ee7268be2509e3262dcae9df10563dce265bd3
Application ID : {4dc3e181-e14b-4a21-b022-59fc669b0914}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
Hostname:port : owindemo.s-innovations.net:443
Certificate Hash : 09ee7268be2509e3262dcae9df10563dce265bd3
Application ID : {4dc3e181-e14b-4a21-b022-59fc669b0914}
Certificate Store Name : My
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
Hostname:port : demo009.s-innovations.net:443
Certificate Hash : 09ee7268be2509e3262dcae9df10563dce265bd3
Application ID : {4dc3e181-e14b-4a21-b022-59fc669b0914}
Certificate Store Name : My
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
Hostname:port : www.s-innovations.net:443
Certificate Hash : 09ee7268be2509e3262dcae9df10563dce265bd3
Application ID : {4dc3e181-e14b-4a21-b022-59fc669b0914}
Certificate Store Name : My
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
Hostname:port : www.c1get.net:443
Certificate Hash : fabae896e032f9ba08b389d8c9ecd33908fabe31
Application ID : {4dc3e181-e14b-4a21-b022-59fc669b0914}
Certificate Store Name : My
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
答案1
答案2
我遇到了同样的问题,SNI 无法正常工作。此答案解决了我的问题。此外,我从 IIS 中删除了第二个 SSL,然后重新完成、重新绑定并重新启动了 IIS 站点。很棒的信息。
您需要通过以下方式检查:netsh http show sslcert
在命令行中,如果您发现有一个 IP 地址绑定但不在您的 IIS 中,那就是它了。
并且需要在命令行中手动删除它:
netsh http delete sslcert ipport=[bind IP address]:[bind port]