0

We have a server running Windows 2008 IIS 7.

We have a client that wants to launch 10 microsites, all of which have different domain names and all require SSL.

I have spoken with Thawte and they have suggested a Web Server SSL certification which allows for a single certificate to cover up to 20 domain names using a single IP addrewss. This is great, but to my knowledge IIS will not allow me to use the same SSL cert on more than 2 site instances, especially when both instances are using the same IP address. Am i correct?

Thanks in advance Al

higgsy
  • 1,991
  • 8
  • 30
  • 47

2 Answers2

0

The GUI will no doubt complain about this, but you can just add the SSL bindings in the applicationHost.config manually *:443:hostname.com and use netsh to add the ssl certificate to the IP:Port directly.

See this article for both the appcmd and netsh commands: How to assign a SSL Certificate to IIS7 Site from Command Prompt

Where is this 20-domain certificate listed? Only ones I see are Single Domain except for the wildcard unlimited subdomains. http://www.thawte.com/ssl/index.html

Community
  • 1
  • 1
Brock Hensley
  • 3,617
  • 2
  • 29
  • 47
0

You need a multiple domain (UCC cert), also called SAN or Subject Alternative Name cert Each site will have different SSL host headers.

There is a very good article on configuring SSL Host Headers in IIS 7 at http://www.sslshopper.com/article-ssl-host-headers-in-iis-7.html

MikeLim
  • 1,189
  • 1
  • 9
  • 11