diff --git a/src/Microsoft.AspNetCore.Server.IISIntegration/WebHostBuilderIISExtensions.cs b/src/Microsoft.AspNetCore.Server.IISIntegration/WebHostBuilderIISExtensions.cs
index e4c5875bd6..1417c532ac 100644
--- a/src/Microsoft.AspNetCore.Server.IISIntegration/WebHostBuilderIISExtensions.cs
+++ b/src/Microsoft.AspNetCore.Server.IISIntegration/WebHostBuilderIISExtensions.cs
@@ -58,7 +58,7 @@ namespace Microsoft.AspNetCore.Hosting
                 else
                 {
                     // Lightup a new ANCM variable that tells us if auth is enabled.
-                    foreach (var authType in iisAuth.Split(';'))
+                    foreach (var authType in iisAuth.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
                     {
                         if (!string.Equals(authType, "anonymous", StringComparison.OrdinalIgnoreCase))
                         {
diff --git a/test/TestSites/StartupHelloWorld.cs b/test/TestSites/StartupHelloWorld.cs
index 1fa394eba8..a406626ede 100644
--- a/test/TestSites/StartupHelloWorld.cs
+++ b/test/TestSites/StartupHelloWorld.cs
@@ -42,11 +42,11 @@ namespace TestSites
                     var authScheme = (await authProvider.GetAllSchemesAsync()).SingleOrDefault();
                     if (string.IsNullOrEmpty(iisAuth))
                     {
-                        await ctx.Response.WriteAsync("backcompat;" + authScheme?.Name ?? "null");
+                        await ctx.Response.WriteAsync("backcompat;" + (authScheme?.Name ?? "null"));
                     }
                     else
                     {
-                        await ctx.Response.WriteAsync("latest;" + authScheme?.Name ?? "null");
+                        await ctx.Response.WriteAsync("latest;" + (authScheme?.Name ?? "null"));
                     }
                     return;
                 }