We are having multiple business sites hosted on Windows 2008 r2 server. We do own a static IP. We want to have all of the sites work under SSL. However it is kinda not possible to have separate certificate purchase for each site. We were thinking to purchase certificate for static IP we have and apply that certificate to all of the site.
Is this possible? If yes, are there any security risk attached with this approach?
Yes, you can get a valid SSL certificate issued by trusted CA's where the common name in the certificate is an ip-address.
But as that will not make the certificate valid for any of the DNS names that resolve to that ip-address. There will still be a mismatch between the hostname in the address bar (www.example.com) and the hostname in the SSL certificate (your ip), resulting in a warning in most browsers.
If you're limited and can only install a single certificate, it is possible to buy certificates which are valid for multiple domain names (for instance both www.example.com and www.example.org) which are supported by the majority of active browsers. The technical name of the feature is subject alternative name, but most often you'll see them listed as SAN or UC unified communications certificates.
Yes it is possible to secure all your domains under single IP address.
There are plenty of options available.
Using Wildcard SSL certificate you can secure your website and unlimited sub-domains (same hostname) on any server.
If you have multiple domains and you want to protect them all with single certificate on any server then you should buy a Multi-domain (SAN) SSL certificate.
If you want to secure multiple domains & their unlimited sub-domains then you should purchase Multi Domain Wildcard SSL Certificate.
