We host two websites with IIS 6.0 for staff to use as a portal. They both run on port 80 but use different host headers to differentiate.
We originally ran them using non-standard ports but found that so many places blocked everything but standard port access (80, 21, 443) so used host headers instead.
Now both sites need to use SSL. I enabled 443 through the firewall and installed certificate etc for the first site and it works fine.
However, what if the other site needs to use SSL as well....so will I have to make it run another port (e.g. 444) and link to that from the site? IIS doesn't seem to allow the use of host headers in the SSL identifying section.
Thanks in advance
George
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.
Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
Changing the port will not resolve this.
You can't use named based resolution ( host headers ) with SSL, it's in how SSL works. It must be tied to a static IP address. If you only have 1 IP address then you can't do what you want. If you have more than 1 IP address then just setup the next virtual host, tie it to that next IP address and setup SSL just as you did with the first one.
You may also want to consider looking into Shared SSL, but that is usually not an option for individual sites, but more used by hosting companies.
Quick reference:
http://www.ourshop.com/res
Each static IP address can have unique ports bound to it, so you can run SSL on port 443 on every single static (different) IP address you have on the machine. You just can't bind the same port twice on the same IP, that's all.
You just go to IIS and setup the new site with one of the new IP's and then repeat the same process you did with the first one for SSL.
On the shared SSL issue. If you are going to run this on lots of sites in this same manner... then you may want to pickup a wildcard SSL cert. It basically certs *.yourdomain.com , You can get these for about $400 per year at xramp.com. Then you just setup DNS to point each 3rd level domain to the unique IP on the server, and all site have the same cert
" you cant use one ports for two apps on the same IP...not with SSL nor with anything else"
That is correct, but when running IIS without SSL you can install multiple sites on the same IP and port number because IIS will look at the header to determine which one to serve. Similar thing with Virtual Servers in apache.
Business Accounts
Answer for Membership
by: andynwellsPosted on 2005-12-20 at 11:47:25ID: 15521248
It looks like this website has detailed information about installation of SSL with IIS.
http://www.petri.co.il/
The relevant part for you would be:
"Note: SSL can only listen once on port 443, requiring you to either select a different SSL port for each SSL protected website you're about to host on the server, or, even better, use a different static IP for each site, and share port 443 amongst them."