Re: Windows 2003 sbs : multiple webs & SSL

From: Erwin (ebuce_at_euronet.be)
Date: 09/12/04


Date: Sun, 12 Sep 2004 03:46:25 +0200

Like I said, I'm aware I'm a newbie as far as SBS is concerned, so don't
worry, I will not tamper with the server as long as I'm not 100% sure of
what I'm doing, but I had to have some general directions, which I now have.
Thanks for the advice though !
Erwin

"SuperGumby [SBS MVP]" <not@your.nellie> wrote in message
news:%23ioczGFmEHA.3608@TK2MSFTNGP09.phx.gbl...
> if you use a self generated certificate the user will be warned each time
> they browse the page that the certificate does not come from a trusted
> root. You can get them to install the cert though.
>
> Or you can purchase a certificate from a trusted root (verisign, fer
> instance) and install it on the server.
>
> Either way, you install the cert to IIS and control which directories
> 'require ssl'.
>
> NOTE: Someone asking these questions should read up on IIS and shouldn't
> even be dreaming about opening HTTP on their SBS. The fact of asking the
> question means you are not familiar enough with IIS to perform the task.
>
> "Erwin" <ebuce@euronet.be> wrote in message
> news:eVlYt8DmEHA.3876@TK2MSFTNGP15.phx.gbl...
>> Steve,
>> thanks for your prompt answer !
>>
>> Let me recapitulate to see if I got it right :
>>
>> 1. Forgetting about SSL for a moment, you CAN have different websites on
>> 1
>> IP-address, using Host Headers, right ? (I don't know how to do that, but
>> if
>> at least I know it's possible, I'll figure it out somehow)
>>
>> 2. SSL is only possible for 1 site. That's suits me fine, I don't need
>> SSL
>> for the other sites
>>
>> 3. Now about those certs, you mean that the user has to install those
>> certs
>> on his computer ? I thought the client just had to accept the fact that
>> SSL
>> is used (you know, the pop up windonw that comes up on which you have to
>> click "Accept" when you're installing a plug in to Internet Explorer);
>>
>> Could you let me know if I'm on the right track here ? Thanks
>> Erwin
>>
>> "Steve Bruce, mct" <steve@xmaslake.com> wrote in message
>> news:OfKEZqDmEHA.3900@TK2MSFTNGP10.phx.gbl...
>>> Yes you can issue your own certificates but it usually done when people
>> you
>>> know are going to be accessing the server, because you have to make
>>> arrangements for the installation of root certificate on their computer.
>>>
>>> There is a sample .asp page on the microsoft support site that you can
>> adapt
>>> for installing root certs on clients.
>>>
>>> this is what it looks like when adapted - takes a while to load because
>> you
>>> don't yet have the cert on your computer.
>>>
>>> https://mail.datacomintl.com/cert/
>>>
>>> Certificates for SSL have to be created to exactly match the url used to
>> get
>>> to the site. You can put different certificates on different web sites.
>>>
>>> To host multiple SSL sites on a server, you cannot use Host Headers to
>>> direct requests to the correct site because the Header cannot be read
>>> because it is encrupted.
>>>
>>> To support SSL with default port#s to one server you need an IP addres
>>> for
>>> each site.
>>>
>>>
>>> "Erwin" <ebuce@euronet.be> wrote in message
>>> news:uvR5xLDmEHA.3428@TK2MSFTNGP11.phx.gbl...
>>> > Hi,
>>> > being a newbie as far as W2003 SBS is concerned, I'm aware that the
>>> > following questions are probably asked a 1000 times before, but I
>>> > can't
>>> get
>>> > a clear picture.
>>> >
>>> > Here it goes :
>>> >
>>> > 1. Is it possible on W2003 SBS to host multiple webs ? I would like to
>>> have
>>> > www.abc.com and www.def.com to point to different virtual folders.
>>> > I know of the options :
>>> > a. get another IP address
>>> > b. use a different IP-port
>>> > c. use virtual folders (www.abc.com/abc and www.abc.com./def)
>>> > but they are all not quite what I need
>>> >
>>> > 2. For a virtual folder, I would need SSL. Is it possible in W2003 SBS
>> for
>>> > being your own CA ? I've read somewhere it is, but the article was for
>>> > securing your WHOLE website, while I need only to secure a virtual
>> folder.
>>> >
>>> > Any help on this would greatly be appreciated !
>>> >
>>> > Erwin Bauwens
>>> >
>>> >
>>>
>>>
>>
>>
>
>