Re: Multiple SSL certs on virtual servers - add. info



I assumed you have disable socket pooling, and no other apps is binding
port 443 of the new ip address.
get tcpview or other port view program to double check.

--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://msmvps.com/blogs/bernard/


"justageezer" <justageezer@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F0F39F35-508D-48A1-A168-7C822751384A@xxxxxxxxxxxxxxxx
I forgot to mention I'm running IIS5.1/Win2K fully patched, bandaged and
locked-down, and that I can get both secure sites to work if I use both a
different IP and a different port, however this would be the solution of
last
resort.
tia
Paul
"justageezer" wrote:

Hi all,
I've read the posts on multiple SSL certs on virtual servers, as well as
the
kb articles (again) and I'm wondering if anyone has had the same issue
I'm
getting now. In the past I've always managed to get multiple certs
working by
either using a different port or a different IP address. I understand
encrypted host headers but I thought that as long as the SecureBinding
for
the vserver was unique it should work.
E.g x.x.x.x:443 and x.x.x.x:444 would work, OR x.x.x.x:443 and
x.x.x.y:443
would work. IIS shouldn't need to decrypt the host header (which it cant
until it gets the right cert anyway) as long as there is only one vserver
that matches the IP:port of the request?
Sooo... I've gone to set up a second cert on our current server, bought a
second IP, configured the vserver to use the new IP and installed the
cert.
No joy - IIS won't bind as it claims that binding is taken - despite the
other ssl vserver using the other IP. If I set the second site to use
'All
Unassigned' IIS will bind, but it still don't work :(
SSL Diagnostic tool can successfully imitate a handshake, however a
browser
simply times out.
Any ideas?
TIA,
Paul Bryant


.



Relevant Pages

  • Re: SBS 2003 and Outlook RPC over HTTP issues
    ... Your cert is barfing due to the fact that the names do not match. ... some weird certificate error now though...if you want to see it ... As pointed out by others, port 80 does NOT need to be open, and yes, ... record pointing that to your SBS, and you have port 443 open and ...
    (microsoft.public.windows.server.sbs)
  • Problems simulation plb_gemac core for Virtex-II Pro
    ... I'm trying to simulate a design generated with EDK 7.1 that uses the ... nav, and using a testbench added to the proj nav project), the loading ... binding for component at 'u0'. ... # (Port 'mgmntenbl' is not on the entity.) ...
    (comp.arch.fpga)
  • Re: Cant connect with JavaMail even though Thunderbird works
    ... connections on port 993, or that your IMAP server was accepting them. ... You would have to manually tweak a few things to get unencrypted IMAP on ... The client only needs a cert. ...
    (comp.lang.java.programmer)
  • Deployment Error. Object reference not set to an instance of an ob
    ... Reading binding information for assembly ... "Graham.Corp.Ecom.Enterprise.Common.orchIDocInternalError" port ... Orchestration port is bound to send port ... assemblies. ...
    (microsoft.public.biztalk.general)
  • Re: SSL Multiple Ports
    ... Please inform us of the exact steps you are taking to install the client ... the cert store is maintained by IE. ... And this is the kicker u cant use SSL on w2003 IE on any other port apart ...
    (microsoft.public.inetserver.iis)