External access to multiple SSL websites hosted on a sinlge IP address
In my home office, I only have one external IP address available to me. I want to be able to host more than one SSL based website behind my single IP address.
All the websites will be based around the same domain name (i.e. mail.domain.com, sftp.domain.com etc) but the websites WON'T be hosted on the same server. For example, the SFTP site will be hosted on an Accellion virtual appliance whereas the MAIL site will be hosted on Exchange CAS server.
Everything is hosted on two vSphere servers so I'm looking for a low cost/free solution on this one.
I've already done some research on this and if the websites are on the same host, it's not too difficult - but that's not my situation.
All the websites will be based around the same domain name (i.e. mail.domain.com, sftp.domain.com etc) but the websites WON'T be hosted on the same server. For example, the SFTP site will be hosted on an Accellion virtual appliance whereas the MAIL site will be hosted on Exchange CAS server.
Everything is hosted on two vSphere servers so I'm looking for a low cost/free solution on this one.
I've already done some research on this and if the websites are on the same host, it's not too difficult - but that's not my situation.
ASKER
[my quote]Everything is hosted on two vSphere servers[end quote]
[thetmanvn quote]if not you can go with virtualization using free vmware server[end quote]
ummmmmmmmm - vSphere is the latest version of VMware :)
Thanks for your suggestion of Apache2 on Linux - but I'm looking for a pre-built solution. I don't want to have to go down the route of doing it myself.
Ideally, looking for a virtual appliance for this.
[thetmanvn quote]if not you can go with virtualization using free vmware server[end quote]
ummmmmmmmm - vSphere is the latest version of VMware :)
Thanks for your suggestion of Apache2 on Linux - but I'm looking for a pre-built solution. I don't want to have to go down the route of doing it myself.
Ideally, looking for a virtual appliance for this.
Sorry sir, I just thought about webSphere, so it's my mistake, if you have vSphere installed, it's so great.
There're so many virtual appliance that come with Apache2 and mod_proxy, mod_rewite, mod_ssl enabled, but unfortunately, you must configure virtual host for reverse proxy by hand. Or you can look at commercial appliance as A10, ModSecurityPro,... for Web Reverse Proxy/Load Balancer/Web Application Firewall
But if you want to try with minimum first installation, you can go with ClearOS Virtual Image
http://www.clearfoundation.com/Software/downloads
Then configure the reverse proxy as this thread:
http://forums.whirlpool.net.au/forum-replies.cfm?t=1424346
There're so many virtual appliance that come with Apache2 and mod_proxy, mod_rewite, mod_ssl enabled, but unfortunately, you must configure virtual host for reverse proxy by hand. Or you can look at commercial appliance as A10, ModSecurityPro,... for Web Reverse Proxy/Load Balancer/Web Application Firewall
But if you want to try with minimum first installation, you can go with ClearOS Virtual Image
http://www.clearfoundation.com/Software/downloads
Then configure the reverse proxy as this thread:
http://forums.whirlpool.net.au/forum-replies.cfm?t=1424346
The reverse proxy is really the way to go,
Has for multiple HTTPS sites using a single Ip I'm not sure, the only way I would see it is with a wildcard certificate.
The way we do it is with 1 servername like this ssl.domain.com/owa ans ssl.domain.com/site1 and so one and it works.
It's not exactly what you want but with 1 single server certificate it will do the job. Uou can present several internal site thought 1 reverse proxy server, 1 port ( 443 ) and 1 ip.
Bye
Has for multiple HTTPS sites using a single Ip I'm not sure, the only way I would see it is with a wildcard certificate.
The way we do it is with 1 servername like this ssl.domain.com/owa ans ssl.domain.com/site1 and so one and it works.
It's not exactly what you want but with 1 single server certificate it will do the job. Uou can present several internal site thought 1 reverse proxy server, 1 port ( 443 ) and 1 ip.
Bye
ASKER
bougui - I explained in my question that the websites won't have the same name, but thanks for your input.
thetmanvn - thanks for the links - but I'm not a linux person so I'm not keen on using ClearOS. As for the reverse proxy thread, it's not clear and assumes that the person reading it knows Apache.
thetmanvn - thanks for the links - but I'm not a linux person so I'm not keen on using ClearOS. As for the reverse proxy thread, it's not clear and assumes that the person reading it knows Apache.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If not, you can have low cost/free using this case:
If you can invest another server, then buy a new server, if not you can go with virtualization using free vmware server.
Then deploy a Reverse proxy using Apache2 on Linux (Ubuntu, Debian, CentOS,...), it can handle almost request to almost kind of real webserver behind.