Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 467
  • Last Modified:

IIS6 directing all https requests to the same site

Hi Experts,

We have a server with 50 or so sites on. 1 of these has a SSL certificate installed.  We've just realised that if we browse to any of the host headers hosted on the server with https, the server is directing and serving up the one site that has SSL installed, even though the host headers being requested are not listed for this site in IIS.  IE complains that the cert does not match the domain name of the site but if you proceed, it loads the site that has the SSL installed!

Any help appreciated...
0
jammy-d0dger
Asked:
jammy-d0dger
  • 2
1 Solution
 
Brad HoweCommented:
Hi there,
This is standard behaviour. For almost all web hosts.
Typically with SSL you would.
A> Assign multiple IP address to a server and use 1 IP for a single SSL HTTP(s) Site.
B> use different SSL Ports on the server.
C> Use a wildcard SSL and assign SSL Host Headers
The issue here is that HTTPS and HTTP are protcols and since HTTPS is encrypted, IIS has no idea how to handle it.  So when a site is on SSL, the host header is encrypted and since all the data is encrypted, IIS has no idea which site to send the traffic to. At the same time, you are using the same IP on HTTP to host multiple other Sites. so what is happening is IIS is reponding to host entry but feeding your SSL Site content.
In our config, we use 1 IP / SSL Site and bind it to a SSL Host Header. This way there is no confusion. For all other HTTP Sites, We use Host headers as well, but they are on another IP.
Hope it helps,
Hades666
 
0
 
Brad HoweCommented:
So for SSL,
1. Configure you site to be assigned to 1 unique IP.
2. Configure your sites to use host headers for port 80 and 443.
3. Create a cert.
4. Assign the cert to the Site.
5.  Configure Secure Server Bindings
                cscript adsutil.vbs set /w3svc/<WEBSITE ID>/SecureBindings ":443:your.domain.com
Cheers,Hades666
0
 
jammy-d0dgerAuthor Commented:
Apologies for delay, forgot about this question.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now