All HTTPS traffic redirecting to one IIS site

Remove the https binding (443) from the site www.corpsite.com.

As a best practice, use a catch-all binding on your main site (as in port 80 without any host header), and specify the host header on your secondary sites.

Note that host headers on SSL is extremely limited in terms of support out there, so even if IIS on 2003 supports it I wouldn't bother to set it up. If you need SSL on more than one site in the future you should add another IP, or move the application to a virtual directory under your main site.

EDIT: I was wrong, very wrong

http://en.wikipedia.org/wiki/Server_Name_Indication

Seems like every major browser out there supports this now, so I guess the world has moved on since I last checked a few years ago! According to Microsoft, IIS Windows 2003 SP1 and later supports host headers on SSL binding, by using certain command-line tools. Note that you need a wilcard certificate to make it work.


It sounds like you have the sites on the same IP? Use Host Headers on both sites with the correct name on each.