Re: Windows 2003 sbs : multiple webs & SSL
From: Erwin (ebuce_at_euronet.be)
Date: Sun, 12 Sep 2004 03:46:25 +0200
Like I said, I'm aware I'm a newbie as far as SBS is concerned, so don't
worry, I will not tamper with the server as long as I'm not 100% sure of
what I'm doing, but I had to have some general directions, which I now have.
Thanks for the advice though !
"SuperGumby [SBS MVP]" <email@example.com> wrote in message
> if you use a self generated certificate the user will be warned each time
> they browse the page that the certificate does not come from a trusted
> root. You can get them to install the cert though.
> Or you can purchase a certificate from a trusted root (verisign, fer
> instance) and install it on the server.
> Either way, you install the cert to IIS and control which directories
> 'require ssl'.
> NOTE: Someone asking these questions should read up on IIS and shouldn't
> even be dreaming about opening HTTP on their SBS. The fact of asking the
> question means you are not familiar enough with IIS to perform the task.
> "Erwin" <firstname.lastname@example.org> wrote in message
>> thanks for your prompt answer !
>> Let me recapitulate to see if I got it right :
>> 1. Forgetting about SSL for a moment, you CAN have different websites on
>> IP-address, using Host Headers, right ? (I don't know how to do that, but
>> at least I know it's possible, I'll figure it out somehow)
>> 2. SSL is only possible for 1 site. That's suits me fine, I don't need
>> for the other sites
>> 3. Now about those certs, you mean that the user has to install those
>> on his computer ? I thought the client just had to accept the fact that
>> is used (you know, the pop up windonw that comes up on which you have to
>> click "Accept" when you're installing a plug in to Internet Explorer);
>> Could you let me know if I'm on the right track here ? Thanks
>> "Steve Bruce, mct" <email@example.com> wrote in message
>>> Yes you can issue your own certificates but it usually done when people
>>> know are going to be accessing the server, because you have to make
>>> arrangements for the installation of root certificate on their computer.
>>> There is a sample .asp page on the microsoft support site that you can
>>> for installing root certs on clients.
>>> this is what it looks like when adapted - takes a while to load because
>>> don't yet have the cert on your computer.
>>> Certificates for SSL have to be created to exactly match the url used to
>>> to the site. You can put different certificates on different web sites.
>>> To host multiple SSL sites on a server, you cannot use Host Headers to
>>> direct requests to the correct site because the Header cannot be read
>>> because it is encrupted.
>>> To support SSL with default port#s to one server you need an IP addres
>>> each site.
>>> "Erwin" <firstname.lastname@example.org> wrote in message
>>> > Hi,
>>> > being a newbie as far as W2003 SBS is concerned, I'm aware that the
>>> > following questions are probably asked a 1000 times before, but I
>>> > can't
>>> > a clear picture.
>>> > Here it goes :
>>> > 1. Is it possible on W2003 SBS to host multiple webs ? I would like to
>>> > www.abc.com and www.def.com to point to different virtual folders.
>>> > I know of the options :
>>> > a. get another IP address
>>> > b. use a different IP-port
>>> > c. use virtual folders (www.abc.com/abc and www.abc.com./def)
>>> > but they are all not quite what I need
>>> > 2. For a virtual folder, I would need SSL. Is it possible in W2003 SBS
>>> > being your own CA ? I've read somewhere it is, but the article was for
>>> > securing your WHOLE website, while I need only to secure a virtual
>>> > Any help on this would greatly be appreciated !
>>> > Erwin Bauwens