Hi,
we have 16 web servers running on NLB, configured to use CCS stored on fileshare (e. g.\\share\certificates). We have multiple certificates - e. g. EV certificate for www.domain.tld, wildcard cert *.domain.tld, EV certwww.domain.com, wildcard cert *.domain.com. Servers are configured to use SNI and also default binding is set.
As stated on MSDN blog, if I browse www.domain.tld IIS should look for filewww.domain.tld.pfx and if it doesn't exists then for _.domain.tld.pfx and if it also doesn't exist then it uses default binding.
Our problem is, that IIS on some web servers are serving EV cert www.domain.tld but at the same time some other web servers in NLB are serving *.domain.tld cert.
Does anybody have any idea why? All servers are configured exactly the same. Can there be some file-locking issue or something like that?
Our goal is to serve EV certificates if we have them for certain domain and if not then serve wildcard certificates.
Thank you for any ideas!
Daniel