Welcome to MobyThreads.com!
FAQFAQ      ProfileProfile    Private MessagesPrivate Messages   Log inLog in
All support for the MobyThreads Threaded phpBB MOD can now be found on welsolutions at this forum

Managing SSL Keys

  
   Web Hosting and Web Master Forums (Home) -> IIS RSS
Next:  Network Password required in IIS 5.0  
Author Message
user863

External


Since: Sep 26, 2003
Posts: 2



(Msg. 1) Posted: Fri Sep 26, 2003 4:07 pm
Post subject: Managing SSL Keys
Archived from groups: microsoft>public>inetserver>iis (more info?)
Hi,

I have one webserver with multiple SSL sites.

Site1.domain.com 127.0.0.1
SSLSite1.domain.com 127.0.0.1
SSLSite2.domain.com 127.0.0.1

Right now, everything calling SSLSite2.domain.com is pulling everything
from SSLSite1.domain.com.

Is there anyway to have both certificates based on the same IP?

Thanks,
Gary

 >> Stay informed about: Managing SSL Keys 
Back to top
Login to vote
alun

External


Since: Sep 03, 2003
Posts: 11



(Msg. 2) Posted: Fri Sep 26, 2003 10:20 pm
Post subject: Re: Managing SSL Keys [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
In article <OplG6kFhDHA.2212.TakeThisOut@tk2msftngp13.phx.gbl>, "Gary" <n> wrote:
 >I have one webserver with multiple SSL sites.
 >
 >Site1.domain.com 127.0.0.1
 >SSLSite1.domain.com 127.0.0.1
 >SSLSite2.domain.com 127.0.0.1
 >
 >Right now, everything calling SSLSite2.domain.com is pulling everything
 >from SSLSite1.domain.com.
 >
 >Is there anyway to have both certificates based on the same IP?

Yes. Get a "wild-card" certificate, whose CN - Common Name - "Issued to" is
"*.domain.com".

The sequence of connection is roughly this:

Browser connects to server.
Browser asks server to send its certificate.
Server sends certificate, browser and server start encrypting.
Browser sends request to server for web page - only at this point does it
identify the name of the server, in a host header.

Obviously, there can be only one. Certificate, that is, per IP address and
port combination. This is a limitation of HTTP over SSL, so it's the same
in all web browsers and servers.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
--
Texas Imperial Software | Find us at <a style='text-decoration: underline;' href="http://www.wftpd.com" target="_blank">http://www.wftpd.com</a> or email
1602 Harvest Moon Place | alun.TakeThisOut@texis.com.
Cedar Park TX 78613-1419 | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.<!-- ~MESSAGE_AFTER~ -->

 >> Stay informed about: Managing SSL Keys 
Back to top
Login to vote
user863

External


Since: Sep 26, 2003
Posts: 2



(Msg. 3) Posted: Fri Sep 26, 2003 10:20 pm
Post subject: Re: Managing SSL Keys [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Thanks for the info.
I figured the one certificate per IP thing was going on, but I just wanted
to be sure.

"Alun Jones [MS MVP]" <alun.DeleteThis@texis.com> wrote in message
news:qk0db.217$Cw5.189540550@newssvr11.news.prodigy.com...
 > In article <OplG6kFhDHA.2212.DeleteThis@tk2msftngp13.phx.gbl>, "Gary" <n> wrote:
  > >I have one webserver with multiple SSL sites.
  > >
  > >Site1.domain.com 127.0.0.1
  > >SSLSite1.domain.com 127.0.0.1
  > >SSLSite2.domain.com 127.0.0.1
  > >
  > >Right now, everything calling SSLSite2.domain.com is pulling everything
  > >from SSLSite1.domain.com.
  > >
  > >Is there anyway to have both certificates based on the same IP?
 >
 > Yes. Get a "wild-card" certificate, whose CN - Common Name - "Issued to"
is
 > "*.domain.com".
 >
 > The sequence of connection is roughly this:
 >
 > Browser connects to server.
 > Browser asks server to send its certificate.
 > Server sends certificate, browser and server start encrypting.
 > Browser sends request to server for web page - only at this point does it
 > identify the name of the server, in a host header.
 >
 > Obviously, there can be only one. Certificate, that is, per IP address
and
 > port combination. This is a limitation of HTTP over SSL, so it's the same
 > in all web browsers and servers.
 >
 > Alun.
 > ~~~~
 >
 > [Please don't email posters, if a Usenet response is appropriate.]
 > --
 > Texas Imperial Software | Find us at <a style='text-decoration: underline;' href="http://www.wftpd.com" target="_blank">http://www.wftpd.com</a> or email
 > 1602 Harvest Moon Place | alun.DeleteThis@texis.com.
 > Cedar Park TX 78613-1419 | WFTPD, WFTPD Pro are Windows FTP servers.
 > Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Managing SSL Keys 
Back to top
Login to vote
Display posts from previous:   
   Web Hosting and Web Master Forums (Home) -> IIS All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



[ Contact us | Terms of Service/Privacy Policy ]