Re: securing multiple websites using wildcard certificate - one IIS 6.0 server

Use one virtual web with a unique IP and use the same IP for your DNS for
any/all hostnames. Then just install the wildcard cert on that virtual web.
At that point, you can add/remove any web name you want by adding/removing
hostnames in DNS. No additional configuration of the virtual web is
required because all it cares about is the IP and the primary domain name
for the cert.

On other note, your use of "website" is technically incorrect and has too
much "layaman's terms" to it.

You have three HOSTNAMES, a b c. WEBSITES in IIS mean a root folder with
files and virtual folders under it, an icon on the tree in the IIS
management tool. To which you may attach one or more hostname. You might
be able to install the same cert three times (once each on three virtual
webs), but unless there is a different file structure or something that
would be pointless.

I mention this because it appears to be causing extra confusion that may be
interfering with your ability to accurately think about your configuration.


"nix" <jyoo@xxxxxxxxxx> wrote in message
news:1148316889.564726.277930@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
My setup is as below -

Windows Server 2003 SP1

3 websites running in IIS 6.0
a.domain.com
b.domain.com
c.domain.com

internal IP 1.1.1.1
external ip 2.2.2.2
1-to-1 nat of 2.2.2.2 to 1.1.1.1 by firewall

currently all 3 websites are reachable from outside

What I want to do is enable SSL on all 3 sites. I realize I can do
this by obtaining a wildcard certificate *.domain.com.

questions I have -
1. since there are multiple websites, which one will request for SSL?
(generate CSR)
2. how can I install the certificate on the other 2 websites? do I
create a request from IIS and just import the certificate obtained from
step 1 or do I import/export?

I've installed single SSLs no problem but first time using wildcard and
it is somewhat confusing.

I know with SP1, we can now use a wildcard SLL on multiple websites
using host headers.

Thanks!



.

Relevant Pages

  • Re: Multiple SSL certs on a single server IIS 6.0
    ... > We have a server hosting a number of websites accessed via SSL using ... > second series of websites but with different branding but hosted on the ... you CANT put more than one cert on the same IP. ... information IIS uses to determine what virtual web to use is ...
    (microsoft.public.inetserver.iis.security)
  • Re: Include File or Include Virtual
    ... I don't know what the absolute ... path will be if the end user decides to install it in a subdirectory instead ... of it's own virtual web. ... >> installing in a root web situation, ...
    (microsoft.public.inetserver.asp.general)