Can I have more than one SSL Cert behind a DSL router? If so, how?

Hi. We have a handful of servers behind an ADSL router (2Wire 2701). We are wanting to add SSL Certificates to our FTP and webservers. Does anyone know if I can have more than one SSL behind a DSL router? And if so, how would I set that up? What alternative ports can be used?

Dave Howe (Software and Hardware Engineer) commented:
No. In order for a wildcard to work properly, you would need it to cover all domain names (so *.domain.tld would cover x.domain.tld and y.domain.tld, but not www.otherdomain.tld) and be on a shared server. Even then, usually Windows won't allow you to define that properly.

Best bet is to ask your DSL provider if you can have some more IP addresses and route them through your 2701, then independently static NAT those to each box.

Paranormastic (Cryptographic Engineer) commented:
Yes, you can - you just need to install them on the servers and have DNS be able to route to them.  Your DNS can route them all to your gateway, then NAT the internal network so each server has a unique IP so you can route to that.  If these are all hosted on the same box, then you will probably need to get a specialized cert - either a wildcard (* or a SAN (UC, multi-domain, etc.) cert (,,, etc.) or use PAT (port address translation) so you can use a different cert on each different port if you need to use the same IP for some reason.  If you use a wildcard or a SAN cert then you can still use host headers to point to the correct site, otherwise things get messy.

dsmjeff (Author) commented:
So far, they're all on different boxes. So just a standard SSL would work, right?
Then set our router up to all share 443?

dsmjeff (Author) commented:
We do offer hosting, but as of right now, I do not need other domains secured right now. Just our company FTP/Web/Email that all use the same domain, just on different servers. Is my best bet to get a wildcard deal, or to just get individual ones?

And either way we go, how would we set that up behind the DSL?

Paranormastic (Cryptographic Engineer) commented:
Wildcard is probably the best bet if you are only dealing with one domain name.  If you use Exchange 2007 then you may need to get a UC cert to handle multiple names to include the hostname, otherwise you can use the wildcard for email as well.
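
The name-coverage difference between a wildcard and a SAN/UC certificate discussed in this thread, as an added example that is not part of any poster's reply. It applies the standard rule that a wildcard stands for exactly one left-most label; the `www`/`ftp`/`mail` names under domain.tld and the short internal name `mailhost` are constructed for illustration.

```python
# Added illustration: only x/y.domain.tld and www.otherdomain.tld appear in
# the thread; every other name below is a constructed sample.

def name_matches(pattern: str, hostname: str) -> bool:
    """Match one certificate name against a hostname (RFC 6125 style).

    A wildcard is honoured only as the entire left-most label and stands
    for exactly one label, so it never spans a dot.
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels) or "" in h_labels:
        return False
    if p_labels[0] == "*":
        # Require at least two fixed labels after the wildcard (no "*.tld").
        return len(p_labels) >= 3 and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def coverage(cert_names, hostnames):
    """Return {hostname: covered?} for the names clients will connect to."""
    return {h: any(name_matches(n, h) for n in cert_names) for h in hostnames}


# Names the clients would type (constructed sample inventory).
SERVICES = ["www.domain.tld", "ftp.domain.tld", "mail.domain.tld",
            "domain.tld", "a.b.domain.tld", "www.otherdomain.tld", "mailhost"]

# One wildcard entry versus an explicit multi-name (SAN/UC) list.
WILDCARD_CERT = ["*.domain.tld"]
SAN_CERT = ["domain.tld", "www.domain.tld", "ftp.domain.tld",
            "mail.domain.tld", "mailhost"]

if __name__ == "__main__":
    for label, names in (("wildcard", WILDCARD_CERT), ("SAN/UC", SAN_CERT)):
        print(label)
        for host, ok in coverage(names, SERVICES).items():
            print(f"  {host:22} {'covered' if ok else 'NOT covered'}")
```

The wildcard covers the three single-label service names but not the bare domain, a deeper subdomain, another domain, or the short hostname, which is the case where the multi-name certificate is needed.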
