While working on a project recently I wanted to use SSL certificates on the Development environments so the developers could actually get a closer experience to what the end users are seeing in Pre-Production and Production. The domain names on Development are not the same as the Production ones and did not want to configure those the same as then I would have IP addressing and Routing issues when testing. So I wanted to use self-signed SSL certificates but had the standard issue when trying to run the six websites I have with SSL certificates without using massive amounts of IP addresses on the server which would cause me an issue later as I need to clone the Development machines.
So resolve this issue I used "SelfSSL" which can be downloaded from here:
http://www.microsoft.com/en-us/download/details.aspx?id=17275
This is the old IIS6 download but it works perfectly. Once downloaded then you use the following command line to create a self-certificate:
SelfSSL /N:CN={domain name} /V:{validity days} /S:{IIS Website ID} /K:{Key Size}
This approach above will create a single SSL certificate that you would apply to one site.
If we look at the properties of the certificate it looks like this:
To create one that can be used with multiple sites, kind of like a wildcard certificate you would do the same with a slight change.
SelfSSL /N:{List of Domains} /V:{validity days} /S:{IIS Website ID} /K:{Key Size}
SelfSSL /N:CN=site1.domain.com,CN=site2.domain.com,CN=site3.domain.com,CN=site4.domain.com,CN=sites.domain.com /V:1000 /S:1 /K:2048
This will create the following certificate:
Now we have a certificate with multiple common names that can be used on my development environment for multiple sites with the above domain names. Now to add the certificate to the server so they it is trusted and as if by magic all is well. J
Disclaimer: This should only be done in Development, unless you are going to add the certificate to everyone's workstation. Self-Signed are just for testing and Development.