IIS6, mulitple Versign Certificates and Host Headers

7 Oct 2008 6:58 PM

Janet

I'm running Server 2003, IIS6, with multiple websites using host headers. I
have one website running a Versign cert on port 443. I need to add another
certificate for a separate site but I'm having problems. Does the second
site have to have it's own ip address? Wildcard cert does not work for me
(been there, tried it, failed miserably). If so, got a url for instructions
on setting that up on the server? TCP/IP settings?

Thanks,
Janet

8 Oct 2008 2:50 AM

David Wang

On Oct 7, 11:58 am, Janet <Ja***@discussions.microsoft.com> wrote:

> I'm running Server 2003, IIS6, with multiple websites using host headers. I
> have one website running a Versign cert on port 443. I need to add another
> certificate for a separate site but I'm having problems. Does the second
> site have to have it's own ip address? Wildcard cert does not work for me
> (been there, tried it, failed miserably). If so, got a url for instructions
> on setting that up on the server? TCP/IP settings?
>
> Thanks,
> Janet

Only One Certificate is allowed per Website Binding. This is not an
IIS restriction -- it is an SSL requirement.

Thus, if you need to use multiple certificates (and not a single
certificate with multiple hostnames), you must have multiple Websites,
and Websites have to differ in at least one way between IP, Port, and
HostHeader. Since you likely want to keep port 80 (so users don't need
to enter it on the URL) and the registered Hostname in DNS, most
people obtain a new IP to accomplish multiple SSL websites.

//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//

8 Oct 2008 1:08 PM

Janet

David,

Thanks. I was hoping for an unknown epiphany, but will work on a new ip
address.

Janet