?
Solved

How do I apply SSL certificates to multiple websites?

Posted on 2008-11-19
4
Medium Priority
?
754 Views
Last Modified: 2012-05-05
Box 1 is a Win 2003 server with DC, DNS, AD
Box 2 is a Win 2003 server with IIS.  It has a single NIC with IPs 192.168.1.12, 192.168.1.13, 192.168.1.14

In DNS I have 2 Host (A) entries:
app1.adfspoc.net for 192.168.1.13
app2.adfspoc.net for 192.168.1.14

In IIS I have 2 webs:
https://app1.adfspoc.net
https://app2.adfspoc.net

Both webs use port 80 and port 443.
App1 is assigned 192.168.1.13 for both ports
App2 is assigned 192.168.1.14 for both ports

I generated the following certificate with selfssl as follows:
selfssl /t /n:cn=app1.adfspoc.net /v:365 /s:67793743
selfssl /t /n:cn=app2.adfspoc.net /v:365 /s:74919743

My problem:  Both apps work at all time without SSL (http://...) But with SSL (https://...) only one of my web apps will work at a time.  To fix the broken one, I remove its SSL certificate then recreate it with selfssl.  However, this breaks the other app.  The IE error I get is: Internet Explorer cannot display the webpage.

I have limited experience with SSL certificates.  What I am doing wrong?  Thanks in advance.
0
Comment
Question by:acb55
  • 3
4 Comments
 
LVL 29

Expert Comment

by:coreybryant
ID: 23003994
Are you generating two SSL certs - one for the app1 and one for app2?

What is the exact error message you are getting?
0
 

Author Comment

by:acb55
ID: 23004252
Yes I am generating two SSL certs.

The full error text from IE is:

  Internet Explorer cannot display the webpage
   
   Most likely causes:
You are not connected to the Internet.
The website is encountering problems.
There might be a typing error in the address.
 
   What you can try:
     Check your Internet connection. Try visiting another website to make sure you are connected.  
 
     Retype the address.  
 
     Go back to the previous page.
 
     More information

This problem can be caused by a variety of issues, including:

Internet connectivity has been lost.
The website is temporarily unavailable.
The Domain Name Server (DNS) is not reachable.
The Domain Name Server (DNS) does not have a listing for the website's domain.
If this is an HTTPS (secure) address, click tools, click Internet Options, click Advanced, and check to be sure the SSL and TLS protocols are enabled under the security section.  
0
 

Author Comment

by:acb55
ID: 23004281
With Google Chrome, I get the following error:

Error 104 (net::ERR_CONNECTION_FAILED): The attempt to connect to the server failed.
0
 

Accepted Solution

by:
acb55 earned 0 total points
ID: 23005175
Solved.

I replaced my 2 certificates with a single wild card certificate.  I followed these instructions: http://lanestechblog.blogspot.com/2008/03/creating-self-signed-wildcard-ssl.html.

Note sure if this SSL bug was a factor but I though I would mention for the benefit of someone else with similar issues.

http://blogs.msdn.com/david.wang/archive/2005/04/20/SelfSSL-Bug-with-websites.aspx#443686
0

Featured Post

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question