We're trying to come up with a solution to fix the following problem and I'm hoping someone here knows how to go about fixing it...
We have IIS running two websites, both of which use SSL certificates.
The websites are divided by host headers
We have recently become aware that host headers may not be supported by SSL so we are wondering if this is indeed true.
If so, does anyone know how to make it work????
-
-
Matthew van Eerde
AKA Maurits
Use TLS.
The problem with SSL and Host: headers is the encryption is negotiated before the HTTP headers are delivered.
Or you could use a different IP address for each secure site. -
ehuna
Grand Poo-Bah
1) Under Control Panel > Network Connections > Local Area Connection > Properties > Internet Protocol (TCP/IP) > Properties > Advanced make sure you define two IP addresses for your server hosting IIS. For example 192.168.1.10 and 192.168.1.20.
2) Under Administrative Tools > Internet Information Services (IIS) Manager, right click on the first web site and choose Properties. Under the Web Site tab > IP Address, change from (All Unassigned) to the first IP address (for example 192.168.1.10).
3) Under Administrative Tools > Internet Information Services (IIS) Manager, right click on the first web site and choose Properties. Under the Web Site tab > IP Address, change from (All Unassigned) to the second IP address (for example 192.168.1.20).
You no longer need the "host header value" defined in the sites. But you need to update your DNS server so the correct IP addresses will be resolved. -
ehuna said:1) Under Control Panel > Network Connections > Local Area Connection > Properties > Internet Protocol (TCP/IP) > Properties > Advanced make sure you define two IP addresses for your server hosting IIS. For example 192.168.1.10 and 192.168.1.20.
2) Under Administrative Tools > Internet Information Services (IIS) Manager, right click on the first web site and choose Properties. Under the Web Site tab > IP Address, change from (All Unassigned) to the first IP address (for example 192.168.1.10).
3) Under Administrative Tools > Internet Information Services (IIS) Manager, right click on the first web site and choose Properties. Under the Web Site tab > IP Address, change from (All Unassigned) to the second IP address (for example 192.168.1.20).
You no longer need the "host header value" defined in the sites. But you need to update your DNS server so the correct IP addresses will be resolved.
Hello Ehuna,
Not sure it will reach you as its been a while but worth a try. I did try the same and assigned 443 to both websites. The first one started fine but the second complained about the same issue i.e. - 'IIS was unable to start the site. ANother site may already be using the port you configured for the site. Please select a unused port for this site'. I am trying this on IIS 6.0 on Win 2003 environment.
Regards
Krish
Thread Closed
This thread is kinda stale and has been closed but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.