Multiple Sites running same code, w/SSL.

From: Jeffery Anti (iiisystems_at_yahoo.com)
Date: 11/24/04 

Date: 24 Nov 2004 11:54:49 -0800

I have an IIS 5.0 server hosting multiple sites that point to the same
code base. The host is the only part of the FQDN that changes per
customer. The domain for all the sites will always be samedomain.com.
All the sites resolve to the same IP so I use Host Header Name in IIS
to direct traffic. I know this isn't the best way, but it's what I
inherited and I have to make due for now.

"cust1" requires SSL, and "cust2" does not.

Example:

Site in IIS:
cust1.samedomain.com
(SSL ON)
home directory is /inetpub/mastersite

Site in IIS:
cust2.samedomain.com
(SSL OFF)
home directory is /inetpub/mastersite

Hitting https://cust1.samedomain.com works properly
Hitting http://cust2.samedomain.com works properly

Now here's the problem:
Hitting https://cust2.samedomain.com results in the end user being
presented w/a Certificate acceptance claiming the cert is not valid
for this site. There is NO cert setup for this site, only cust1 site
has a cert installed. For some reason IIS is attempting to direct all
https traffic to cust1 site regardless of the host name... it should
just say "no web site is configured blah".

How do I resolve this?

BTW: In IIS/Web Site/Web Site Identification/Advanced/
cust1.samedomain.com:80 is the only entry for the site
cust1.samedomain.com, and 443 is the only listing in "Multiple SSL
Identities"

Thanks all.
-Jeff

Relevant Pages

  • Re: 2 Subdomains - 1 IP Address
    ... >Home Directory: A directory located on this computer ... I just did some checks on the Default Web Site and discovered that the ... Shouldn't IIS first check for the most specialist case, ... >> second host header to each site matching that host name. ...
    (microsoft.public.inetserver.iis)
  • experiment supports concept of using host header names as securit y layer
    ... ISAPI filters can't evaluate a request until a virtual site has been ... selected and its set of running ISAPI filters has become known to the IIS ... As a quick experiment in using a host header name as a security device, ...
    (Focus-Microsoft)
  • Re: how to configure host headers for 3 IIS machines ?
    ... If you only have one public IP, this will not work with IIS only. ... Host multiple websites on one machine, and distinguish them with a host ... Using host headers, without including the external IP and another port is ... > Im looking to run three IIS machines on the same public IP. ...
    (microsoft.public.inetserver.iis)
  • Re: Cannot connect to Win. Auth site with IP address in URL
    ... Internet Explorer can not display the webpage is a generic error message. ... If it still says the same thing then there is no response from IIS. ... httperr.log file on IIS server to see if http.sys is dropping the request for some reason (e.g. bad host name) ...
    (microsoft.public.inetserver.iis.security)
  • Re: how to configure host headers for 3 IIS machines ?
    ... The CS-Host field is sent by the client. ... If the server is configured with host headers only, ... Kristofer Gafvert - IIS MVP ...
    (microsoft.public.inetserver.iis)