Re: Mutliple sites needing to communicate over SSL on one IIS server

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Jay Hulslander (jdh34_at_cornell.edu.REMOVETHIS)
Date: 01/12/05 

Date: Wed, 12 Jan 2005 10:18:57 -0500

Thanks, that would be my problem. Is there a reason IIS does not support
host header differentiation with SSL (443) port requests, much like they do
with port 80?

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:e9PPXTL%23EHA.1296@TK2MSFTNGP10.phx.gbl...
> "Jay Hulslander" <jdh34@cornell.edu.REMOVETHIS> wrote in message
> news:cs3ci5$rm5$1@news01.cit.cornell.edu...
> > Hello, I need help setting up IIS to manage two sites that need to
> > comunicate over SSL. Here is an example:
> > https://www.apps.com
> > https://www.resources.com
> >
> > Certain pages on the apps site references images, for example, that are
> > hosted on the resources site.
> >
> > I have the two sites set up. I have the two sites set up with the
proper
> > host header information.
> > When I go to an SSL secured page on the apps site, it works fine. No
> > certificate errors. When I got to an SSL secured page on the apps site
> that
> > reference a secured image on the resouces site, I get a security alert
> > stating the following. "The name on the security certificate is invalid
> or
> > does not match the name of the site." I checked the certificates
> installed
> > to each site, and appear to be correct. My best guess is that when an
SSL
> > request comes for the resources site, IIS is returnin the certificate
from
> > the apps site. I tried setting up a non standard SSL port on the
> resources
> > site, it made no difference.
> >
> > How can I properly setup this situation?
>
> SSL requires that each web site have its own IP address. You cannot use
> Host Headers alone to distinguish the sites.
>
>

Relevant Pages

  • Re: Win2003 Upgrade Broke SSL?
    ... The reason I say that the upgrade did not break SSL is because IIS has no ... problems relating to port 443 being occupied suggests that you did something ...
    (microsoft.public.inetserver.iis)
  • Re: Mutliple sites needing to communicate over SSL on one IIS server
    ... it is not a limitation of IIS. ... The request (including the ... webserver) to find out what the host header is. ... "HTTP 1.1 Host Headers Are Not Supported When You Use SSL" ...
    (microsoft.public.inetserver.iis)
  • Re: IIS 6.0, Host Headers and SSL
    ... Sounds like something thing is binding to port 443. ... next, if it's working, then reconfigure host header for the two ssl site, ... >I have tried it with an IP address as we;; as the port and host header. ... >>> innocent but the settings are otherwise exactly as they really are. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Switching from http to https
    ... the default website with SSL not enabled (using port 443) in the IIS. ... a certificate to the program. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Win2003 Upgrade Broke SSL?
    ... I installed> Exchange 2003 and then upgraded to Windows 2003 server. ... IIS manager would not let me start the "default web page",> which housed our intranet, because it could not start SSL on port 443. ...
    (microsoft.public.inetserver.iis)