Hosting multiple sites using SSL in IIS 6.0 - single external IP and ISA Server

My company is currently trying to set up several sites that require SSL certificates.  Our current configuration consists of a Windows 2000 server running ISA Server 2000 which we use for a firewall / router. We have a single public IP address configured on that server.  Our web server is a Windows 2003 server running IIS 6, configured with several different private IP addresses.
At this time, I'm are running into several different issues.
First, can I configure our ISA Server (which has only one public IP) to bridge several different SSL certificates without using alternate ports?  In other words, can we use one public IP and many private IPs while still using SSL?  Or do we need to contact our provider and get more public IP addresses?
Second, for some reason, the ISA Server will only allow me to pick one of the two SSL certificates that are installed when trying to configure a new rule under the Web Publishing Rules, even though the second one seems to be installed properly when I check it in the Certificates snap-in of the MMC.  The first of the two certificates was installed almost a year ago, and has been working fine all this time.  So far I haven't been able to find anything like this problem by searching the web...anyone have any ideas on what might cause this?
Finally, there seems to be some sort of problem on the web server.  I have two secure sites, each configured on separate private IP addresses, but when I try to assign both sites port 443 for SSL, I get an error stating that "IIS was unable to start the site.  Another site may already be using the port you configured for this site.  Please select an unused port."  If I change the port, it works fine.  From what I understand, as long as the sites are using different private IPs, they should be both able to listen on port 443 at the same time.  Is there something I'm missing?
Who is Participating?
meverestConnect With a Mentor Commented:

it is only possible to have one ssl certificate per IPaddress/port combination.  it is a technical protocol limitation.

this limitation is highly likely to be the basis of all three issues.

please refer to this post to find out why:

this should be a FAQ - i have answered the same question time and time again and the solution is always the same.  suggest accept meverest.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.