Tech Off Thread

4 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

SSL with multiple websites running with HTTP headers

Back to Forum: Tech Off
  • User profile image
    Arowin

    We're trying to come up with a solution to fix the following problem and I'm hoping someone here knows how to go about fixing it...

    We have IIS running two websites, both of which use SSL certificates.
    The websites are divided by host headers

    We have recently become aware that host headers may not be supported by SSL so we are wondering if this is indeed true.

    If so, does anyone know how to make it work????

  • User profile image
    Matthew van Eerde

    Use TLS.

    The problem with SSL and Host: headers is the encryption is negotiated before the HTTP headers are delivered.

    Or you could use a different IP address for each secure site.

  • User profile image
    ehuna

    1) Under Control Panel > Network Connections > Local Area Connection > Properties > Internet Protocol (TCP/IP) > Properties > Advanced make sure you define two IP addresses for your server hosting IIS.  For example 192.168.1.10 and 192.168.1.20.

    2) Under Administrative Tools > Internet Information Services (IIS) Manager, right click on the first web site and choose Properties.  Under the Web Site tab > IP Address, change from (All Unassigned) to the first IP address (for example 192.168.1.10).

    3) Under Administrative Tools > Internet Information Services (IIS) Manager, right click on the first web site and choose Properties.  Under the Web Site tab > IP Address, change from (All Unassigned) to the second IP address (for example 192.168.1.20).

    You no longer need the "host header value" defined in the sites.  But you need to update your DNS server so the correct IP addresses will be resolved.

  • User profile image
    sukrishna

    ehuna said:
    1) Under Control Panel > Network Connections > Local Area Connection > Properties > Internet Protocol (TCP/IP) > Properties > Advanced make sure you define two IP addresses for your server hosting IIS.  For example 192.168.1.10 and 192.168.1.20.

    2) Under Administrative Tools > Internet Information Services (IIS) Manager, right click on the first web site and choose Properties.  Under the Web Site tab > IP Address, change from (All Unassigned) to the first IP address (for example 192.168.1.10).

    3) Under Administrative Tools > Internet Information Services (IIS) Manager, right click on the first web site and choose Properties.  Under the Web Site tab > IP Address, change from (All Unassigned) to the second IP address (for example 192.168.1.20).

    You no longer need the "host header value" defined in the sites.  But you need to update your DNS server so the correct IP addresses will be resolved.

    Hello Ehuna,

     

    Not sure it will reach you as its been a while but worth a try. I did try the same and assigned 443 to both websites. The first one started fine but the second complained about the same issue i.e. - 'IIS was unable to start the site. ANother site may already be using the port you configured for the site. Please select a unused port for this site'. I am trying this on IIS 6.0 on Win 2003 environment.

     

    Regards

    Krish

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.