[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Hosting multiple sites using SSL in IIS 6.0 - single external IP and ISA Server

Posted on 2004-08-31
5
Medium Priority
?
5,337 Views
Last Modified: 2008-03-10
My company is currently trying to set up several sites that require SSL certificates.  Our current configuration consists of a Windows 2000 server running ISA Server 2000 which we use for a firewall / router. We have a single public IP address configured on that server.  Our web server is a Windows 2003 server running IIS 6, configured with several different private IP addresses.
 
At this time, I'm are running into several different issues.
 
First, can I configure our ISA Server (which has only one public IP) to bridge several different SSL certificates without using alternate ports?  In other words, can we use one public IP and many private IPs while still using SSL?  Or do we need to contact our provider and get more public IP addresses?
 
Second, for some reason, the ISA Server will only allow me to pick one of the two SSL certificates that are installed when trying to configure a new rule under the Web Publishing Rules, even though the second one seems to be installed properly when I check it in the Certificates snap-in of the MMC.  The first of the two certificates was installed almost a year ago, and has been working fine all this time.  So far I haven't been able to find anything like this problem by searching the web...anyone have any ideas on what might cause this?
 
Finally, there seems to be some sort of problem on the web server.  I have two secure sites, each configured on separate private IP addresses, but when I try to assign both sites port 443 for SSL, I get an error stating that "IIS was unable to start the site.  Another site may already be using the port you configured for this site.  Please select an unused port."  If I change the port, it works fine.  From what I understand, as long as the sites are using different private IPs, they should be both able to listen on port 443 at the same time.  Is there something I'm missing?
0
Comment
Question by:NocturnSystem
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 37

Accepted Solution

by:
meverest earned 2000 total points
ID: 11961322
Hello,

it is only possible to have one ssl certificate per IPaddress/port combination.  it is a technical protocol limitation.

this limitation is highly likely to be the basis of all three issues.

please refer to this post to find out why:

http://www.experts-exchange.com/Web/Web_Servers/IIS/Q_20884241.html

0
 
LVL 37

Expert Comment

by:meverest
ID: 13339998
this should be a FAQ - i have answered the same question time and time again and the solution is always the same.  suggest accept meverest.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here are the symptoms: You start receiving calls from users that one of your legacy web apps isn't coming up, so you log into your IIS 5 server to check it out.  When you pull up the services, you notice that the WWW Publishing service isn't runn…
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question