So a wild card SSL certificate is a certificate for *.which means we can use it for as many different .sites as we care to create.
I had some struggle with setting up the wildcard SSL certificate on my server, so I thought I should make some notes here for others who may encounter the same problems.
Instructions on how to create a CSR for IIS without removing your current SSL Certificate: The renewal request option within IIS 5.0/6.0 does not create a request in a PKCS10 format.
IIS 5.0/6.0 does not allow your site that is currently running SSL to generate a certificate signing request (CSR) without removing the existing certificate.
It is important that when you generate the CSR you generate it for *.not for any specific host like sure you use *.Make sure you set the bit length to 2048 You can save the certificate request as a file and open it in a text editor so you can copy the request and paste it when completing the steps to obtain an SSL certificate.
When you receive your certificate it will be just a text file, save it on disk on your server with a extension, then you click the link in IIS for "Complete Certificate Request" (shown in the 2nd screen shot above).
Please read and print these instructions before submitting your new certificate request. Leave your existing site that currently has the certificate installed alone. Create another virtual site within IIS (this does not have to be a functional site). Enter Properties for the newly created virtual site, then go to the Certificate Wizard to create a new certificate request. Go to your Production Web site, enter Properties, and select Replace the current certificate - choose the new certificate from the list. Make sure you bind the Web site to a unique IP address at https Port 443, then Stop and then Start your Web site. When convenient, go into your MMC console (with Certificate snap-in added) and delete the old certificate.
Therefore, to perform the installation of the SSL certificate issued by a certificate authority, one should do the following steps: Note: It is highly recommended to check the option 'Require Server Name Indication' as it helps to have the certificate to be displayed correctly for sure, especially if there are multiple certificates present on the server.
I made the mistake of not naming it like that and what happens is that IIS 7.x won't let you set an SSL host header unless the friendly name starts with *.
You can see in this example how it looks if the certificate friendly name does not start with *: See how it is greyed out and you cannot set the host name.
Thanks to Joe Davis who told me how to rename the friendly name.
Click the Start button and then type MMC to load the Microsoft Management Console. From there you can right click the certificate and choose properties and you will be able to edit the friendly name.