• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2086
  • Last Modified:

URL masking / redirection IIS

On our current web server, we already serve the SSL
URL  https://a.b.com

We wud like to serve from the same web server another SSL
URL (website built in C# language in .Net Framework)
https://g.h.com:8340   but we don't want users to key
in the 8340 port but just https://g.h.com  & based on
the string 'g.h.com' received, the users will be redirected
to https://g.h.com:8340

We can define a DNS entry such that g.h.com points to
the same IP address as a.b.com

Can can we go about achieving this?
  • 2
1 Solution
sunhuxAuthor Commented:
Wud somethg like the following work:

1)      Change the SSL certificate to include the new host name (i.e. https://g.h.com)

2)      Then use command line to bind the host name to this SSL certificate.
         (This step can’t be done through the IIS website.)

         See more information here è http://blogs.iis.net/thomad/archive/2008/01/25/ssl-certificates-on-sites-with-host-headers.aspx
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
Changing the certificate would be to add a "Subject Alternative Names" SAN to add g.h.com to the certificate, which you would need to work out with your certificate provider.  (You can't have two DIFFERENT certificates bound to the same port on the same server.)

Otherwise, you have all the pieces already.

(And I should add the caveat, I haven't done this in IIS7 with a SAN on the certificate, but have used a wildcard certificate, bound to port 443, and used host headers for https://a.b.com and https://c.b.com and https://d.b.com.  In that case, the graphical interface in iis recognizes the wildcard and allows input for the host header information.  The blog you included in your comment already has the steps to overcome the limitations in IIS7 though.)
sunhuxAuthor Commented:
Last question:
Suppose the web server's IP addr is currently NAT'ed by the
firewall to a public IP addr for public access, is it possible
to use say https://a.b.com/item2   where the public DNS
also points to the same public IP but when the web server
detected there's  "/item2" in the URL, it will automatically
go to (or redirected) a different SSL web server.

I was told the range of public IP addr (IPv4) for our domain
is exhausted & it's virtually impossible to ask for another
public IP address for our domain.

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now