Re: Mulit-domain SSL cert installation

From: David Wang <w3.4you@xxxxxxxxx>
Date: Fri, 18 Jul 2008 21:51:51 -0700 (PDT)

On Jul 18, 5:42 am, Joe <J...@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

I am hosting multiple domains on my Win2k3/IIS 6 server using a single IP
address and host headers. For the past year I have had only one domain that
required an SSL certificate. Now I have two, and I learned the hard way that
I can't have 2 separate SSL certs on the same server with only 1 IP address.
Rather than use up one of my limited external IP addresses, I went to Godaddy
and purchased a multi-domain cert (not a wildcard cert) with one primary
domain and 2 secondardy names (SANs.) However, everything went downhill when
I tried to install the new cert. I exported and removed the original cert,
then installed the new cert on the new primary web site. I then installed
the existing cert on the other web site. At this point nothing worked. The
new primary site wouldn't start because port 443 was already in use, and the
original site wouldn't find its secure pages. Godaddy support said this was
beyond the scope of their knowledge (even thought they sold the cert.)

Does anyone have any experience with multi-domain certs? This is a
production web server and I can't do any testing during the day. Any help is
greatly appreciated.
Thanks,
Joe

I suggest starting with the IIS documentation of how to do SSL of
multiple domains over a single IP. If you follow its instructions and
understand the fundamental limitations of SSL in your scenario (no
matter what web server you use), you should be fine.

http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/596b9108-b1a7-494d-885d-f8941b07554c.mspx?mfr=true

//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
.

Follow-Ups:
- Re: Mulit-domain SSL cert installation
  - From: Joe

Prev by Date: Re: Client Certs behind a Load Balancer
Next by Date: Re: 401.3 when logging in as user on the same system
Previous by thread: Re: Client Certs behind a Load Balancer
Next by thread: Re: Mulit-domain SSL cert installation
Index(es):
- Date
- Thread

Relevant Pages

Re: Windows 2003 sbs : multiple webs & SSL
... You can get them to install the cert though. ... > instance) and install it on the server. ... Forgetting about SSL for a moment, you CAN have different websites on ...
(microsoft.public.windows.server.sbs)
Re: Require SSL certificate
... This will be true if running under SSL. ... Once a web cert is associated with a site, it doesn't need to be installed ... > I have a website and a security certificate, i install the security> certificate for the site. ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: ssl question
... you have some problem with the cert itself. ... The Web site might be experiencing technical> difficulties, or you may need to adjust your browser settings....Cannot> find server or DNS error" ... Determine If SSL Connectivity Is Not Working on ... It says to> attach assign the certificate to the default web site, ...
(microsoft.public.inetserver.iis.security)
Re: Win Mobile 5 + SBS 2003 SP1 + Exchange SP1 Connection woes
... The problem is the same with or without SSL ticked. ... So the certificate copied over just fine and has been installed on both ... The directions for install state that I can use the cert from the ...
(microsoft.public.windows.server.sbs)
Re: What type of GoDaddy certificate do/will I need?
... Is it easy to "upgrade" to a more full featured cert if I get to that point? ... GoDaddy has 3 levels, Standard SSL, Deluxe SSL, and Premium SSL. ... When I go to install SBS2008 I want to make the right choices right off the ... gd_iis_intermediates certificate file. ...
(microsoft.public.windows.server.sbs)