Solved

Hosting multiple sites using SSL in IIS 6.0 - single external IP and ISA Server

Posted on 2004-08-31
5
5,329 Views
Last Modified: 2008-03-10
My company is currently trying to set up several sites that require SSL certificates.  Our current configuration consists of a Windows 2000 server running ISA Server 2000 which we use for a firewall / router. We have a single public IP address configured on that server.  Our web server is a Windows 2003 server running IIS 6, configured with several different private IP addresses.
 
At this time, I'm are running into several different issues.
 
First, can I configure our ISA Server (which has only one public IP) to bridge several different SSL certificates without using alternate ports?  In other words, can we use one public IP and many private IPs while still using SSL?  Or do we need to contact our provider and get more public IP addresses?
 
Second, for some reason, the ISA Server will only allow me to pick one of the two SSL certificates that are installed when trying to configure a new rule under the Web Publishing Rules, even though the second one seems to be installed properly when I check it in the Certificates snap-in of the MMC.  The first of the two certificates was installed almost a year ago, and has been working fine all this time.  So far I haven't been able to find anything like this problem by searching the web...anyone have any ideas on what might cause this?
 
Finally, there seems to be some sort of problem on the web server.  I have two secure sites, each configured on separate private IP addresses, but when I try to assign both sites port 443 for SSL, I get an error stating that "IIS was unable to start the site.  Another site may already be using the port you configured for this site.  Please select an unused port."  If I change the port, it works fine.  From what I understand, as long as the sites are using different private IPs, they should be both able to listen on port 443 at the same time.  Is there something I'm missing?
0
Comment
Question by:NocturnSystem
  • 2
5 Comments
 
LVL 37

Accepted Solution

by:
meverest earned 500 total points
ID: 11961322
Hello,

it is only possible to have one ssl certificate per IPaddress/port combination.  it is a technical protocol limitation.

this limitation is highly likely to be the basis of all three issues.

please refer to this post to find out why:

http://www.experts-exchange.com/Web/Web_Servers/IIS/Q_20884241.html

0
 
LVL 37

Expert Comment

by:meverest
ID: 13339998
this should be a FAQ - i have answered the same question time and time again and the solution is always the same.  suggest accept meverest.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SSO via Webmail site, Exchange 2010. 1 34
Http hosting redirect issue 2 44
DLL in ASP.NET 20 67
Unable to use host header for secured websites using a single IP address 2 20
Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question