Re: Wildcard SSL Implementation

From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 06/19/03


Date: Thu, 19 Jun 2003 15:13:24 +1000


You can have a wildcard DNS name - for sure, and if you can get a wildcard
SSL cert then it'll work.
But it shouldn't match test.myCompany.com -and- test2.myCompany.com should
it?

*.myCompany.com is not test.myCompany.com (or so I thought).

Cheers
Ken

"BB" <qbernard@hotmail.com> wrote in message
news:uCCId1gNDHA.704@tk2msftngp13.phx.gbl...
: Interesting. I have done *.domain.com point to 1 site.
:
: 1) DNS A record '*'
: 2) Create a site 'no host header' bind to 1 IP
:
: If the cert's common name is *.domain.com, I think it would
: likely work, no host header concept.
:
: Verisign provides * - wildcard cert as well.
:
:
: --
: Regards,
: Bernard Cheah
: http://support.microsoft.com/
:
:
: "Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
: news:ezXn$vgNDHA.2636@TK2MSFTNGP10.phx.gbl...
: > You can't use host headers with SSL
: >
: > Why? Because the HTTP headers are encrypted, including the HTTP Host:
: > header, which means the server doesn't know which website the request is
: > going to.
: >
: > Each IP address can only have a single certificate for each port (eg one
: > SSL site on port 443, but you can configure additional sites on
: > non-standard ports if you want to).
: >
: > You can resolve both test.domain.com and test2.domain.com to the same IP
: > address if you want (the protocol has nothing to do with it - name
: > resolution is performed by DNS), but since you can only create a single
: > cert, and the cert includes the sitename, you'll get a warning on one of
: > the sites that the name in the cert doesn't match the current name of
: > the site.
: >
: > Cheers
: > Ken
: >
: > "Dan Foxley" <dfoxley@nospampacificdatavision.com> wrote in message
: > news:eH7EXKeNDHA.3768@tk2msftngp13.phx.gbl...
: > : I would like to implement Wildcard SSL on Win2k Server SP3, IIS 5.1.
: > : Can I do the following:
: > : https://test.domain.com
: > : https://test2.domain.com
: > :
: > : 1. Can both resolve to the same IP, using *.domain.com? (Host Headers
: > : then, correct?)
: > :
: > : 2. If I have to generate a cert request for each Site "*.domain.com",
: > : will they all be the same, and be able to accept the Cert from the SSL
: > : provider?
: > :
: > : 3. The article below states that IIS won't generate a cert request
: > : with "*.domain.com".
: > :
: > : In general what is the intended way to set up Wildcard SSL on IIS 5.1?
: > :
: > : Thanks,
: > : Dan Foxley
: > :
: > : I found the following reference to Wildcard SSL certs. It's a little
: > : incomplete.
: > :
: > : http://www.windowswebsolutions.com/Articles/Index.cfm?ArticleID=25578
: > :
: > :
: >
: >
:
:
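
Added example (not part of the original thread or any poster's code): the open question above is whether a certificate issued to *.myCompany.com covers test.myCompany.com and test2.myCompany.com. This Python sketch applies the left-most-label wildcard rule that TLS clients use when checking certificate names (RFC 2818 / RFC 6125). The function names are hypothetical, and refusing partial-label wildcards and wildcards directly under a single-label suffix is a conservative assumption made here.

```python
def wildcard_match(pattern: str, hostname: str) -> bool:
    """Return True if certificate name `pattern` covers `hostname`.

    Rules applied (assumed, conservative reading of RFC 6125 sec. 6.4.3):
      * comparison is case-insensitive, a trailing dot is ignored
      * '*' is honoured only as the entire left-most label
      * '*' stands for exactly one label, never zero and never several
    """
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")

    # A wildcard never changes the label count; empty labels are invalid.
    if len(p) != len(h) or "" in h:
        return False
    # '*' anywhere but the left-most label is not a valid wildcard.
    if any("*" in label for label in p[1:]):
        return False
    if p[0] == "*":
        # Assumption: require a suffix of two or more labels so that a
        # name such as '*.com' is never accepted.
        return len(p) >= 3 and p[1:] == h[1:]
    if "*" in p[0]:
        return False  # partial-label wildcards ('t*.x.com') refused here
    return p == h


def names_covered(cert_names, hostnames):
    """Map each hostname to whether any name in the certificate covers it."""
    return {
        host: any(wildcard_match(name, host) for name in cert_names)
        for host in hostnames
    }


if __name__ == "__main__":
    # Constructed sample input using the names from the thread.
    cert = ["*.myCompany.com"]
    hosts = [
        "test.myCompany.com",
        "test2.myCompany.com",
        "myCompany.com",
        "a.test.myCompany.com",
    ]
    for host, ok in names_covered(cert, hosts).items():
        print(f"{host:24} {'covered' if ok else 'NAME MISMATCH'}")
```

The two single-label hosts are covered by the one wildcard name, while the bare domain and the two-level subdomain would each need their own entry in the certificate.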


