Solved

Hosting multiple sites using SSL in IIS 6.0 - single external IP and ISA Server

Posted on 2004-08-31
5
5,332 Views
Last Modified: 2008-03-10
My company is currently trying to set up several sites that require SSL certificates.  Our current configuration consists of a Windows 2000 server running ISA Server 2000 which we use for a firewall / router. We have a single public IP address configured on that server.  Our web server is a Windows 2003 server running IIS 6, configured with several different private IP addresses.
 
At this time, I'm are running into several different issues.
 
First, can I configure our ISA Server (which has only one public IP) to bridge several different SSL certificates without using alternate ports?  In other words, can we use one public IP and many private IPs while still using SSL?  Or do we need to contact our provider and get more public IP addresses?
 
Second, for some reason, the ISA Server will only allow me to pick one of the two SSL certificates that are installed when trying to configure a new rule under the Web Publishing Rules, even though the second one seems to be installed properly when I check it in the Certificates snap-in of the MMC.  The first of the two certificates was installed almost a year ago, and has been working fine all this time.  So far I haven't been able to find anything like this problem by searching the web...anyone have any ideas on what might cause this?
 
Finally, there seems to be some sort of problem on the web server.  I have two secure sites, each configured on separate private IP addresses, but when I try to assign both sites port 443 for SSL, I get an error stating that "IIS was unable to start the site.  Another site may already be using the port you configured for this site.  Please select an unused port."  If I change the port, it works fine.  From what I understand, as long as the sites are using different private IPs, they should be both able to listen on port 443 at the same time.  Is there something I'm missing?
0
Comment
Question by:NocturnSystem
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 37

Accepted Solution

by:
meverest earned 500 total points
ID: 11961322
Hello,

it is only possible to have one ssl certificate per IPaddress/port combination.  it is a technical protocol limitation.

this limitation is highly likely to be the basis of all three issues.

please refer to this post to find out why:

http://www.experts-exchange.com/Web/Web_Servers/IIS/Q_20884241.html

0
 
LVL 37

Expert Comment

by:meverest
ID: 13339998
this should be a FAQ - i have answered the same question time and time again and the solution is always the same.  suggest accept meverest.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

First of all, clustering IIS is something you should rarely consider doing. In almost all cases, Microsoft Network Load Balancing (NLB) (http://technet.microsoft.com/en-us/library/cc758834(WS.10).aspx) is a much better solution when you need to p…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question