|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
SSL enabled site & DNSI created a test setup in a win 2003 std workgroup based network.
sys 1 configured as DNS, IIS & CA service. Sys2 configured with two websites. The HHN for the fisrt web is www.abc.com with ssl enabled & for the second it was www.xyz.com. that is a normal site well every thing works fine. I access the ssl enabled site as https://www.abc.com & the second site as http://www.xyz.com. I discovered that when I type https://www.xyz.com i see the home page of my first site. The site www.xyz.com is not ssl enabled. Why is it so? IIS does not support SSL and Hostheaders on the same site except under 1
condition which is using a Wildcard Certificate (both Expensive to buy and not that useful in most cases) Microsoft has produced a good tool to help diagnose SSL issues called SSLDiag available from http://www.microsoft.com/downloads/details.aspx?FamilyID=cabea1d0-5a10-41bc-83d4-06c814265282&displaylang=en In your case you really need a seperate IP Address to get around the issue or make the 2nd site use the Host Header. -- Show quoteHide quoteCheers Chris Crowe [IIS MVP 1997 -> 2006] http://blog.crowe.co.nz ------------------------------------------------ "Vicky" <Vi***@discussions.microsoft.com> wrote in message news:B984D7FA-6C67-4D9D-88F7-37ADCD866D9D@microsoft.com... >I created a test setup in a win 2003 std workgroup based network. > > sys 1 configured as DNS, IIS & CA service. > > Sys2 configured with two websites. The HHN for the fisrt web is > www.abc.com > with ssl enabled & for the second it was www.xyz.com. that is a normal > site > > well every thing works fine. I access the ssl enabled site as > https://www.abc.com & the second site as http://www.xyz.com. > > I discovered that when I type https://www.xyz.com i see the home page of > my > first site. The site www.xyz.com is not ssl enabled. Why is it so? Thank You so much
Show quoteHide quote "Chris Crowe [ IIS MVP 1997 -> 2006 ]" wrote: > IIS does not support SSL and Hostheaders on the same site except under 1 > condition which is using a Wildcard Certificate (both Expensive to buy and > not that useful in most cases) > > Microsoft has produced a good tool to help diagnose SSL issues called > SSLDiag available from > http://www.microsoft.com/downloads/details.aspx?FamilyID=cabea1d0-5a10-41bc-83d4-06c814265282&displaylang=en > > In your case you really need a seperate IP Address to get around the issue > or make the 2nd site use the Host Header. > -- > > > Cheers > > Chris Crowe [IIS MVP 1997 -> 2006] > http://blog.crowe.co.nz > ------------------------------------------------ > > "Vicky" <Vi***@discussions.microsoft.com> wrote in message > news:B984D7FA-6C67-4D9D-88F7-37ADCD866D9D@microsoft.com... > >I created a test setup in a win 2003 std workgroup based network. > > > > sys 1 configured as DNS, IIS & CA service. > > > > Sys2 configured with two websites. The HHN for the fisrt web is > > www.abc.com > > with ssl enabled & for the second it was www.xyz.com. that is a normal > > site > > > > well every thing works fine. I access the ssl enabled site as > > https://www.abc.com & the second site as http://www.xyz.com. > > > > I discovered that when I type https://www.xyz.com i see the home page of > > my > > first site. The site www.xyz.com is not ssl enabled. Why is it so? > > > 
Other interesting topics
HOW TO IIS -Security
Security in SMTP Virtual Server Application Pool domain credentials integrated authentication securing multiple websites using wildcard certificate - one IIS 6.0 server ASP error script and trojan IIS HTTPS + Windows XP How can digitally signed executable be "secure" ? Wildcard Domain Restriction No access after requiring SSL |
|||||||||||||||||||||||
