-1

I have 3 servers. 1 is IIS-ARR load balancer. 2 servers are IIS web servers with my website hosted. I want to run the website on https. So how many SSL certificates are needed, which servers I have to create SSL CSR request and Which servers I have to install them.

user13727833
  • 13
  • 5
  • Why down vote for this question. – user13727833 Jul 13 '20 at 15:22
  • You can try to use Centralized SSL Certificate to share the same customer certificate between all ARR machines. For more information, see [Centralized SSL Certificate Support](https://learn.microsoft.com/en-us/iis/get-started/whats-new-in-iis-8/iis-80-centralized-ssl-certificate-support-ssl-scalability-and-manageability) – samwu Jul 14 '20 at 09:07
  • I have only 1 ARR load balancer machine. And 2 IIS we servers . To create SSL on ARR, do I need to create CSR on default web site. – user13727833 Jul 14 '20 at 09:29
  • Plz try to answer my question "SSL for ARR load balancer to manage 2 websites". – user13727833 Jul 14 '20 at 09:45
  • If you want a simple solution and free, you can setup an nginx load balancer that proxies the calls according to your rules and configure a cloudflare dns to that nginx server and you get https for free and more simple – JorgeGarza Jul 15 '20 at 00:16
  • OK. Let me check. – user13727833 Jul 15 '20 at 00:32
  • I want to use Windows Server OS for LoadBalancer. But as per this link. https://upcloud.com/community/tutorials/configure-load-balancing-nginx/?utm_term=&utm_campaign=DSA&utm_source=adwords&utm_medium=ppc&hsa_acc=9391663435&hsa_cam=7185608860&hsa_grp=81739862313&hsa_ad=391197952986&hsa_src=g&hsa_tgt=dsa-460992423274&hsa_kw=&hsa_mt=b&hsa_net=adwords&hsa_ver=3&gclid=EAIaIQobChMIpJq1joHO6gIVgX8rCh3TbgTIEAAYASAAEgIBFfD_BwE. Nginx is not available for windows. Am I correct? – user13727833 Jul 15 '20 at 00:37

1 Answers1

0

I found a solution for this from another query. I need to use a certificate with Subject Alternate Names which is authorized for multiple domains. Such a certificate could, once installed where the CSR was created in order to pair it with the private key, be exported as a bundle including the private key then imported on all involved servers. So, just 1 certificate will solve the purpose.

user13727833
  • 13
  • 5