|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Multiple website in single IP, host header and SSL problemI have websites hosted in one server, single IP address using host header in IIS 6.0 (windows 2003 standard ed.) For illustration, in IIS I created 4 websites for respective domain name indentified on host header: www.domain1.com domain1.com www.domain2.com domain2.com I installed SSL on website www.domain1.com If I type https://www.domain1.com works fine. If I type https://domain1.com should be OK, although promp security for different site name Problem is, if I type https://www.domain2.com or https://domain2.com, it prompt security message and display www.domain1.com content. Should be something wrong in my configuration. I very appreciate for any person who can help solve this problem. Thank you, Martin Adhie There is nothing wrong with your configuration. Because there is only one
SSL-enabled website, any SSL requests will go through to that website. Host-Headers can not be used with SSL, because the Host header sent from the browser is encrypted so IIS can't use it to route requests to websites: only IP addresses and port numbers can be used. Cheers Ken Show quoteHide quote "prof_martin" <profmar***@discussions.microsoft.com> wrote in message news:F7CE0384-E8FE-491E-922F-E73CFEA7E369@microsoft.com... > Hi, > > I have websites hosted in one server, single IP address using host header > in > IIS 6.0 (windows 2003 standard ed.) > For illustration, in IIS I created 4 websites for respective domain name > indentified on host header: > > www.domain1.com > domain1.com > www.domain2.com > domain2.com > > I installed SSL on website www.domain1.com > If I type https://www.domain1.com works fine. > If I type https://domain1.com should be OK, although promp security for > different site name > > Problem is, if I type https://www.domain2.com or https://domain2.com, it > prompt security message and display www.domain1.com content. > > Should be something wrong in my configuration. > > I very appreciate for any person who can help solve this problem. > > Thank you, > Martin Adhie > Hi Ken, Thanks for the reply,
Now I understand how it can be like that. Anyway Bernard Cheah already told me that Win2003 SP1 can solve the issue of having SSL if using host header. I'll try to work on it. Thanks I appreciate that. Martin Adhie Show quoteHide quote "Ken Schaefer" wrote: > There is nothing wrong with your configuration. Because there is only one > SSL-enabled website, any SSL requests will go through to that website. > Host-Headers can not be used with SSL, because the Host header sent from the > browser is encrypted so IIS can't use it to route requests to websites: only > IP addresses and port numbers can be used. > > Cheers > Ken > > "prof_martin" <profmar***@discussions.microsoft.com> wrote in message > news:F7CE0384-E8FE-491E-922F-E73CFEA7E369@microsoft.com... > > Hi, > > > > I have websites hosted in one server, single IP address using host header > > in > > IIS 6.0 (windows 2003 standard ed.) > > For illustration, in IIS I created 4 websites for respective domain name > > indentified on host header: > > > > www.domain1.com > > domain1.com > > www.domain2.com > > domain2.com > > > > I installed SSL on website www.domain1.com > > If I type https://www.domain1.com works fine. > > If I type https://domain1.com should be OK, although promp security for > > different site name > > > > Problem is, if I type https://www.domain2.com or https://domain2.com, it > > prompt security message and display www.domain1.com content. > > > > Should be something wrong in my configuration. > > > > I very appreciate for any person who can help solve this problem. > > > > Thank you, > > Martin Adhie > > > > > This only works if you have a wildcard SSL certification (*.domain.com) and
all your hosts belong to the same domain. It does not work if you have domain1.com and domain2.com Cheers Ken Show quoteHide quote "prof_martin" <profmar***@discussions.microsoft.com> wrote in message news:032D45ED-30BA-475B-9E43-DFD131B680CF@microsoft.com... > Hi Ken, Thanks for the reply, > > Now I understand how it can be like that. Anyway Bernard Cheah already > told > me that Win2003 SP1 can solve the issue of having SSL if using host > header. > I'll try to work on it. > > Thanks I appreciate that. > Martin Adhie > > "Ken Schaefer" wrote: > >> There is nothing wrong with your configuration. Because there is only one >> SSL-enabled website, any SSL requests will go through to that website. >> Host-Headers can not be used with SSL, because the Host header sent from >> the >> browser is encrypted so IIS can't use it to route requests to websites: >> only >> IP addresses and port numbers can be used. >> >> Cheers >> Ken >> >> "prof_martin" <profmar***@discussions.microsoft.com> wrote in message >> news:F7CE0384-E8FE-491E-922F-E73CFEA7E369@microsoft.com... >> > Hi, >> > >> > I have websites hosted in one server, single IP address using host >> > header >> > in >> > IIS 6.0 (windows 2003 standard ed.) >> > For illustration, in IIS I created 4 websites for respective domain >> > name >> > indentified on host header: >> > >> > www.domain1.com >> > domain1.com >> > www.domain2.com >> > domain2.com >> > >> > I installed SSL on website www.domain1.com >> > If I type https://www.domain1.com works fine. >> > If I type https://domain1.com should be OK, although promp security for >> > different site name >> > >> > Problem is, if I type https://www.domain2.com or https://domain2.com, >> > it >> > prompt security message and display www.domain1.com content. >> > >> > Should be something wrong in my configuration. >> > >> > I very appreciate for any person who can help solve this problem. >> > >> > Thank you, >> > Martin Adhie >> > >> >> >> prof_martin wrote:
Show quoteHide quote >Hi, You can only use host headers and SSL together on a single IP if you have > >I have websites hosted in one server, single IP address using host header >in >IIS 6.0 (windows 2003 standard ed.) >For illustration, in IIS I created 4 websites for respective domain name >indentified on host header: > >www.domain1.com >domain1.com >www.domain2.com >domain2.com > >I installed SSL on website www.domain1.com >If I type https://www.domain1.com works fine. >If I type https://domain1.com should be OK, although promp security for >different site name > >Problem is, if I type https://www.domain2.com or https://domain2.com, it >prompt security message and display www.domain1.com content. > >Should be something wrong in my configuration. a wildcard SSL certificate and all the host headers belong to the same common domain (that's on the SSL certificate). For any other SSL scenario, you need one IP per SSL site. The reason for the difficulty is that the host header in the request is *inside* the encrypted request, which must therefore be decrypted before the header can be read. But the request must be handed off to a website before it can be decrypted. ie it's a chicken and egg situation (you need the header to decide which site, but you need the site to get at the header). -- Steve Foster [SBS MVP] --------------------------------------- MVPs do not work for Microsoft. Please reply only to the newsgroups. 
Other interesting topics
configure host name? localhost to localhost/(dir)
IIS Always asking for credentials Monitor IIS for http and https ussage! Delegation: IIS Server setup in typical 3-tier scenario. ISAPI filter with Basic Authentication and Asp.net impersonation Web Site Access requires UserID and Password - Resolved Extranet Authentication Import Cert without pfx or pending request The minimum right to be granted at user to manage IIS baffled - ability to create new file lost |
|||||||||||||||||||||||
