1

Possible Duplicate:
Multiple SSL domains on the same IP address and same port?

For example let's say I want 3 different domains, but it's all the same directory and IP and port numbers. However they must get the proper SSL for the domain they chose, naturally. Is this possible? How would I configure it as such? Will the request know which site to go to in order to have the proper SSL for that domain?

Community
  • 1
MetaGuru
  • 856
  • 5
  • 22
  • 35

3 Answers3

3

With SSL negotiation and certificate checking is done before the HTTP request with a Host header is sent. There is no way to serve a different certificate based on the Host header. You may be able to get a single certificate that supports multiple names either through a wildcard or SAN.

Newer versions of IIS support TLS with SNI which would also permit the server to use the correct certificate. This is only supported on recent web servers and browsers though. If you still have lots of users connecting with older browsers IE6, or you cannot upgrade to the newest IIS then SNI is not an option.

Christopher Karel
  • 6,442
  • 1
  • 26
  • 34
Zoredache
  • 128,755
  • 40
  • 271
  • 413
2

You can only do this if the domains are all subdomains of the same domain, and you have a wildcard SSL certificate.

Mike Scott
  • 7,903
  • 29
  • 26
  • Hmm ok, so it would be a problem if I setup two different sites that both had the same IP then I guess? – MetaGuru Mar 10 '11 at 19:40
0

there are SSL certificates out there that exploit the Subject Alt Name field of certificates to achieve this, GoDaddy, does a multi domain UCC certificate for a bit more than your average SSL, however older browser support is patchy at best (who needs IE6 anyway ;) )

anthonysomerset
  • 3,983
  • 2
  • 20
  • 24