Hi, today I am going to explain how to set up two SSL sites for development. If the solution you are developing needs to be distributed across more than one website and those sites require https, the default configuration of IIS might not be enough. You might still want to set up your development machine as close to the production environment as possible.

Remarks: SSL runs on port 443 by default but, unlike plain http, the hostname the request is addressed to is not known until the message is decrypted. The approach we are going to go through uses a different IP address for each site, so IIS can tell the requests apart and send them to the appropriate web application.

First, we will need to add as many IP addresses as the number of https sites we need. To avoid interfering with the network you are connected to, and to avoid depending on it, we will add a fake network adapter that is provided with Windows itself: the Microsoft Loopback Network adapter.

To get the two https sites in your machine, we will go through the following steps:

  • SSL Certificates to use for your sites (see my other post on how to create them)
  • Adding a fake network adapter
  • Adding IP addresses
  • Install the SSL Certificates
  • Set the right permissions for IIS on the certificates’ private keys
  • Set up IIS

Sample configuration

During the instructions described below I will use the following sample configuration:

Installing the loopback adapter

Go to the Device Manager, right-click the root device and then click Add legacy hardware.

Click Next, then select Install the hardware that I manually select from a list, then click Next.

Select Network adapters and click Next.

In the list on the left select Microsoft, then in the list on the right select Microsoft Loopback Adapter and click Next twice.

Setting up the IP addresses

1. Go to Network connections and find the connection that uses the loopback adapter.

 

2. Right-click it, then click Properties. Select only Internet Protocol version 4 (TCP/IPv4). Click Internet Protocol version 4 (TCP/IPv4) and then click Properties.

3. Click Use the following IP addresses, then click Advanced.

4. In the IP addresses frame click Add… and type an IP address that you are sure does not overlap with your network. For this sample use 20.0.0.1 and 255.255.255.0 as subnet mask.

5. Repeat step 4 with another IP address for each additional https site that you need to host. For this sample use 20.0.0.2 and 255.255.255.0 as subnet mask.

Adding DNS entries

1. Open the file %SYSTEM32%\Drivers\etc\hosts in a text editor (like Notepad).

2. Append the following entries for this sample:

20.0.0.1 site1
20.0.0.2 site2

3. Save the file.

Installing the certificates

1. Open an instance of the Management Console. This can be done by running mmc.

2. Click File, then click Add/Remove Snap-in….

3. Select Certificates in the list on the left. Then click Add.

4. Click Computer account, then click Next.

5. Click Local computer, then click Finish.

6. Click OK to close the Add or Remove Snap-in window.

7. Double-click Certificates (Local Computer) in the list on the left.

8. Double-click Personal.

9. Click Certificates in the list on the left.

10. Click the Actions menu, then click All tasks, then click Import….

11. Click Next. Then input the path to the .pfx certificate file. Click Next again.

Remarks: If you don’t have one you can generate it following the steps described here.

12. Type the password of the .pfx file. Click Mark key as exportable. Then click Next twice, then click Finish.

13. Select the newly installed certificate in the list in the center.

14. Click the Actions menu. Click All tasks then click Manage Private Keys….

15. Click Add…

16. Make sure that the location selected is your local computer (this might be different by default if your computer belongs to a domain).

17. Type NETWORK SERVICE (or the user that IIS runs as). Then click OK.

18. Click OK to close the permissions window.

19. Repeat steps 10 to 18 to install the second certificate.

Configuring IIS

1. Open the Internet Information Services (IIS) Manager. This can be done by running inetmgr.

2. Right-click the Sites node and then click Add Web Site…

3. Set the following data for this sample:

Binding type: https

IP address: 20.0.0.1

SSL certificate: site1

Then click OK.

Remarks: The physical path I am pointing to contains an HTML file with the name of the site for testing purposes.

4. Repeat step 3 with the data for the second site. For this sample:

Binding type: https

IP address: 20.0.0.2

SSL certificate: site2

Verifying the sites

Now we are ready to go. Open a web browser and point it to https://site1; you should see the first site using the site1 certificate. Then browse to https://site2 and you should see the second site using the site2 certificate.
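The same verification can be scripted. The following PowerShell is an added example, not part of the original post: it checks that each sample name resolves to its sample IP address and that the certificate served on that address is the intended one. It assumes each certificate's subject common name equals the site name (site1, site2); the function names are hypothetical.

```powershell
# Added example: verifies the sample configuration used in this post.
# Assumption: each certificate's subject CN equals the site name.
$expected = [ordered]@{ 'site1' = '20.0.0.1'; 'site2' = '20.0.0.2' }

function Get-ServedCertificate {
    param([string]$IpAddress, [string]$HostName, [int]$Port = 443)
    # Accept any chain: development certificates are usually self-signed and
    # the goal is to inspect what is served, not to trust it.
    $acceptAny = [System.Net.Security.RemoteCertificateValidationCallback] { $true }
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Connect to the IP directly so the hosts file cannot mask a wrong binding.
        $client.Connect($IpAddress, $Port)
        $tls = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $acceptAny)
        try {
            $tls.AuthenticateAsClient($HostName)
            New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($tls.RemoteCertificate)
        } finally { $tls.Dispose() }
    } finally { $client.Close() }
}

function Test-SiteBinding {
    param([string]$HostName, [string]$IpAddress)
    # Name resolution goes through the hosts file entries added earlier.
    $resolved = [System.Net.Dns]::GetHostAddresses($HostName) |
        ForEach-Object { $_.IPAddressToString }
    $cert = Get-ServedCertificate -IpAddress $IpAddress -HostName $HostName
    $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    $cn = $cert.GetNameInfo($nameType, $false)
    [pscustomobject]@{
        Site          = $HostName
        HostsEntryOk  = ($resolved -contains $IpAddress)
        ServedSubject = $cn
        Thumbprint    = $cert.Thumbprint
        CertificateOk = ($cn -eq $HostName)
    }
}

$results = foreach ($name in $expected.Keys) {
    Test-SiteBinding -HostName $name -IpAddress $expected[$name]
}
$results | Format-Table -AutoSize
if ($results | Where-Object { -not ($_.HostsEntryOk -and $_.CertificateOk) }) {
    Write-Error 'A site resolves to the wrong address or serves the wrong certificate.'
}
```

The thumbprint column can be compared with the one shown for each certificate in the Certificates snap-in to confirm that IIS is serving the imported certificate and not another one with the same subject.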


Singularity RDK 2.0 has been released!!! You can find it as usual @ http://www.codeplex.com/singularity

Joining the team

September 1st, 2007

I am Diego Pérez, and on Monday I am joining the Southworks team. I am grateful for this unique opportunity and eager to be developing alongside the team. I hope the exchange of experiences quickly bears fruit and that I can learn a lot with Southworks.

I repeat my thanks, and I will keep posting news…

My ship soon sets sail for new lands, see you!