As a New Year’s present to myself, I recently signed up for free SSL certificates through startssl.com for my personal websites. Since these are not production websites, I did not want to pay for an SSL certificate that covers multiple domains. Instead, I hoped to use multiple (free!) SSL certificates within IIS 8 to encrypt my website traffic. When attempting this, I ran into a roadblock. If you assign a certificate to website1, and then try to assign a different certificate to website2, IIS gives you a nice info box that tells you that this is impossible. Fortunately, IIS 8 Server Name Indication provides a solution.

1. First, open your hosts file on your web server at %Windows%\System32\drivers\etc\hosts
2. Add entries for each of the [sub]domains for which you want to assign an SSL certificate by pointing them to localhost at 127.0.0.1:
   
3. In IIS 8, edit the site bindings (right-click on your website and select “Edit Bindings…”)
4. Select the https binding and click “Edit…”, or add a new binding for https
5. Enter the Host name for the website (matching the name you entered in your hosts file) and check “Require Server Name Indiciation”
   
6. Select your SSL certificate and click “OK”
7. Repeat steps 3-6 for all sites hosted in IIS 8 for which you need an SSL certificate

You’re now using multiple SSL certificates for multiple websites within a single instance of IIS 8.