Binding Internet Information Services (IIS) 7.0 to a specific IP address on a multihomed server

If you have an Internet Information Services (IIS) 7.0 server that has multiple IP addresses and you want to host EmpowerID on the default SSL port (443) on only one of those IP addresses and you are not using a wildcard SSL certificate, you will need to configure both the Internet Information Services (IIS) 7.0 Site Bindings and the IP listen list. Failing to configure the IP listen list will result in connection failures once the Site Binding in Internet Information Services (IIS) 7.0 is no longer set to "All Unassigned".

Step 1 - Internet Information Services (IIS) 7.0 Site Bindings

Open Internet Information Services (IIS) Manager. In the Connections pane on the left hand side, expand the server node, then expand Sites. Right click on the site that is hosting EmpowerID and choose Edit Bindings...

On the Site Bindings window that appears, click on the https entry and click on Edit...

On the Edit Site Binding window that appears, change the IP address: drop down from "All Unassigned" to the desired IP address and click OK.

When finished, click Close on the Site Bindings window.

Step 2 - Add an IP address to the IP listen list

To show the current IP listen list, open a Command Prompt window and run the following command:

netsh http show iplisten

To add an IP address to the IP listen list, open a Command Prompt window and run the following command:

netsh http add iplisten xxx.xxx.x.x

In our example we would open a Command Prompt window and run the following command:

netsh http add iplisten 192.168.254.37

When finished, restart Internet Information Services (IIS) 7.0 to ensure the configuration is applied.

Please feel free to contact us by e-mail at support@empowerid.com or by phone at (877) 996-4276 (Option 2) if you have any questions or concerns regarding this guide.