carlssj1
asked on
Can I have one ssl certificate for multiple domains? (iis windows 2003 server)
Hi,
I have a continuation of the question "Can I have one SSL certificate for 3 domains, IIS on a windows 2003 server?"
If the domains are as follows - domain1.com and domain2.com will the SAN cert or UC cert still work? All the examples on the related question use domain.com, domain.net. Domain1.com is our original site and we have a requirement to create a dns alias as domain2.com. Is there any way to get this to work without receiving the security error?
I have a continuation of the question "Can I have one SSL certificate for 3 domains, IIS on a windows 2003 server?"
If the domains are as follows - domain1.com and domain2.com will the SAN cert or UC cert still work? All the examples on the related question use domain.com, domain.net. Domain1.com is our original site and we have a requirement to create a dns alias as domain2.com. Is there any way to get this to work without receiving the security error?
ASKER
Let me clarify one more thing...
our situation is actually xxx.domain2.com alias of xxx.domain1.com
yyy.domain2.com alias of yyy.domain1.com
Will this still qualify for one SAN certificate or does it require multiple?
Thanks for your help.
Sandy
our situation is actually xxx.domain2.com alias of xxx.domain1.com
yyy.domain2.com alias of yyy.domain1.com
Will this still qualify for one SAN certificate or does it require multiple?
Thanks for your help.
Sandy
ASKER
additional info.....
yyy.domain1.com is actually extended sharepoint web application of xxx.domain1.com
Sandy
yyy.domain1.com is actually extended sharepoint web application of xxx.domain1.com
Sandy
If you look in IIS Manager, do they actually appear as one 'Site' or two separate 'Sites'? Based on what you are saying, I would suggest they appear as one site.
If they are a single site which the two names both refer to, then a SAN certificate containing xxx.domain1.com and yyy.domain1.com will work for you.
-Matt
ASKER
xxx.domain1.com and yyy.domain1.com appear as two separate sites in iis. xxx.domain1.com was created as a sharepoint site and then extended as yyy.domain1.com. One site has a 'listener' in ISA and the other one doesn't. The new domain sites - xxx.domain2.com and yyy.domain2.com - were created as aliases of the two original sites in DNS. They could both point to xxx.domain1.com if this will help us get by with just one certificate. I really appreciate the help and I hope I have explained it clearly enough.
Thanks,
Sandy
Thanks,
Sandy
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
A SAN certificate will do just what you need. You would simply add all the domains the site can be accessed by as Alternate Names in the SAN certificate, then install it on the IIS Server.
Provided all the domains map to the same IIS site, this will not be a problem.
If they use multiple IIS sites then you need multiple certificates.
-Matt