IIS6, Multiple Sites and SSL

This may sound a little stupid, but I'm more of a dev guy than a server admin and I am incredibly boneheaded when it comes to IIS. So please bear with me here.

I currently have a client that has a dedicated 2K3 box running IIS6. They are hosting one site on this box, with two domains resolving to that site (domain1.com, domain2.com). The site is stored in the typical C:\Inetpub\www folder. In addition, there is a section of the site that is protected by SSL. There are two SSL certs, one for each domain.

When a user goes to https://www.domain1.com, everything is fine. However, when the user goes to https://www.domain2.com, Internet Explorer kicks up a security warning. Obviously, this is not what we want.

Here is a bit of information as best as I can give it about the site setup in the IIS Manager.

There are two sites listed here, "domain1.com" and "Administration". When I go into the properties for domain1.com, the IP address has a value of "(All Unassigned)".

Under Advanced, "domain2.com" is listed with an IP address of "Default". Also, in "Multiple SSL identities for this Web site" there is one entry with the IP address of "Default" and the standard SSL port of 443.

I can view the certificate for domain1.com under "Directory Security > View Certicate". It appears everything is OK there.

So, to recap: I am trying to set up separate SSL certificates for separate domains that both lead to the same place. Is this possible? If anyone can explain the process to me (and dumb it down as much as possible) or at least point me in the right direction, it would be greatly appreciated.

Please let me know if this doesn't make any sense, or if I didn't provide you with enough (or the right) information.

There may be better solutions to this but the easist way might be to create two separate IIS sites each assigned to a different bound IP.  However, point both to the same directory for the web site root.

You could use url forwarding or even bind the two domains to the same ip.  That might not fix your security warnings though.

The solution really depends what you want the user experience to be. The easiest solution, as Robbe mentioned, would be to create a new site for domain2.com and make it a "permanent redirect" to an "exact URL" and point it to domain1.com.

Now, if a user browses to domain2.com and you want them to stay on domain2.com and not be redirected, you'd need to purchase another SSL cert for domain2.com and put it on another IIS site with another IP - the point here is that you cannot bind more than one cert to a single IP. Then, as Robbe said, you can point both to the same home directory.