3

We host many sites with domains on a single IP ie. www.domain1.com, www.domain2.com. We want to secure /admin using SSL. Historically each SSL cert needs a unique IP address. These are small sites and acquiring / assigning an individual IP to each site is unrealistic both in terms of maintainability and cost. Because we are not using sub domains the wildcard SSL cert approach won't work.

Googling around I found that Apache can do this by using TLS, see answer here: SSL site not using the correct IP in Apache and Ubuntu

My question is whether this is possible with IIS 7.5 too? If so, does anyone know how to set this up?

Dave Quested
  • 131
  • 2
  • Details of TLS SNI (http://en.wikipedia.org/wiki/Server_Name_Indication). Seems IIS support only comes in IIS8 (http://learn.iis.net/page.aspx/1096/iis-80-server-name-indication-sni-ssl-scalability/). Has anyone managed to get this working in IIS7.5 somehow? – Dave Quested May 17 '12 at 03:17

1 Answers1

2

No - there is no way to get Server Name Indication support in IIS 7 or 7.5.

Consider a reverse proxy configuration, with a web server that supports SNI sitting in front of IIS.

Shane Madden
  • 112,982
  • 12
  • 174
  • 248