Muliple Websites on Mutliple IP address with certicles [SSL]

We are running win 2K and IIS.

We have 2 websites configured, each running on different IP addresses. THere
are subdomains pointing to each of the IP addresses.

We turned on SSL and have 2 different certificates for each site (running on
2 different IP addresses). Everything seems to be working fine, unlee you
view the certificate.

The certificate running on the first site is correct. The certificate the
should be on the second site is actually the cert for the first site. We
can't seem to get the second certificate to be served for the second site.
Any thoughts or ideas for making this work correctly?

Re: Muliple Websites on Mutliple IP address with certicles [SSL]

By design Windows only accept one certificate working on IIS. But there is
the change to use a wild-card certificate (*.yourdomain.com)

Hope this help

"Jennifer" wrote in message
news:E8B17723-0054-47D2-B84D-0DE71D998FD0@microsoft.com...
> We are running win 2K and IIS.
>
> We have 2 websites configured, each running on different IP addresses.
THere
> are subdomains pointing to each of the IP addresses.
>
> We turned on SSL and have 2 different certificates for each site (running
on
> 2 different IP addresses). Everything seems to be working fine, unlee you
> view the certificate.
>
> The certificate running on the first site is correct. The certificate the
> should be on the second site is actually the cert for the first site. We
> can't seem to get the second certificate to be served for the second site.
> Any thoughts or ideas for making this work correctly?

Re: Muliple Websites on Mutliple IP address with certicles [SSL]

From what you are saying even though these are two websites, running on two
different IP address, there is still only one SSL certificate per IIS
instance?

I read this:
http://www.microsoft.com/technet/community/columns/insider/i isi0604.mspx

And that does not seem to be the case. I have created two different
websites, with 2 different IP addresses. According to the article above,
that should work, but it doesn't.

"Marcelo Villalón" wrote:

> By design Windows only accept one certificate working on IIS. But there is
> the change to use a wild-card certificate (*.yourdomain.com)
>
> Hope this help
>
> "Jennifer" wrote in message
> news:E8B17723-0054-47D2-B84D-0DE71D998FD0@microsoft.com...
> > We are running win 2K and IIS.
> >
> > We have 2 websites configured, each running on different IP addresses.
> THere
> > are subdomains pointing to each of the IP addresses.
> >
> > We turned on SSL and have 2 different certificates for each site (running
> on
> > 2 different IP addresses). Everything seems to be working fine, unlee you
> > view the certificate.
> >
> > The certificate running on the first site is correct. The certificate the
> > should be on the second site is actually the cert for the first site. We
> > can't seem to get the second certificate to be served for the second site.
> > Any thoughts or ideas for making this work correctly?
>
>
>

Re: Muliple Websites on Mutliple IP address with certicles [SSL]

Could the problem be that I am running both SSL certificates on the same port
for both websites.

I should have the sites configured?

IP address 1 port 443
IP address 2 port 444



"Marcelo Villalón" wrote:

> By design Windows only accept one certificate working on IIS. But there is
> the change to use a wild-card certificate (*.yourdomain.com)
>
> Hope this help
>
> "Jennifer" wrote in message
> news:E8B17723-0054-47D2-B84D-0DE71D998FD0@microsoft.com...
> > We are running win 2K and IIS.
> >
> > We have 2 websites configured, each running on different IP addresses.
> THere
> > are subdomains pointing to each of the IP addresses.
> >
> > We turned on SSL and have 2 different certificates for each site (running
> on
> > 2 different IP addresses). Everything seems to be working fine, unlee you
> > view the certificate.
> >
> > The certificate running on the first site is correct. The certificate the
> > should be on the second site is actually the cert for the first site. We
> > can't seem to get the second certificate to be served for the second site.
> > Any thoughts or ideas for making this work correctly?
>
>
>

Re: Muliple Websites on Mutliple IP address with certicles [SSL]

That's not true. It's one SSL certificate per IP address. I have 3 SSL certs
running on my server with 3 different IPs.

Dan

Marcelo wrote on Thu, 27 Apr 2006 18:00:33 -0400:

> By design Windows only accept one certificate working on IIS. But there
> is the change to use a wild-card certificate (*.yourdomain.com)
>
> Hope this help
>
> "Jennifer" wrote in message
> news:E8B17723-0054-47D2-B84D-0DE71D998FD0@microsoft.com...
>> We are running win 2K and IIS.
>>
>> We have 2 websites configured, each running on different IP addresses.
> THere
>> are subdomains pointing to each of the IP addresses.
>>
>> We turned on SSL and have 2 different certificates for each site (running
> on
>> 2 different IP addresses). Everything seems to be working fine, unlee you
>> view the certificate.
>>
>> The certificate running on the first site is correct. The certificate the
>> should be on the second site is actually the cert for the first site. We
>> can't seem to get the second certificate to be served for the second
>> site. Any thoughts or ideas for making this work correctly?
>

Re: Muliple Websites on Mutliple IP address with certicles [SSL]

That should make no difference - I have 3 certs on 3 IPs on my own server
here on Windows 2003:

https://www.compman.co.uk

https://www.bookfellas.co.uk

https://www.sprintbooks.co.uk

As you can see, each has it's own certificate.

Have you checked that the DNS for the second site is returning the correct
IP address? It sounds like it's not, and so you're connecting to the SSL
port on the 1st site and so getting it's certificate, and then being shown
pages from the 2nd site due to the Host: header mapping once the SSL
connection has been negotiated.

Dan

Jennifer wrote on Thu, 27 Apr 2006 15:51:02 -0700:

> Could the problem be that I am running both SSL certificates on the same
> port for both websites.
>
> I should have the sites configured?
>
> IP address 1 port 443
> IP address 2 port 444
>
> "Marcelo Villalón" wrote:
>
>> By design Windows only accept one certificate working on IIS. But there
>> is the change to use a wild-card certificate (*.yourdomain.com)
>>
>> Hope this help
>>
>> "Jennifer" wrote in message
>> news:E8B17723-0054-47D2-B84D-0DE71D998FD0@microsoft.com...
>>> We are running win 2K and IIS.
>>>
>>> We have 2 websites configured, each running on different IP addresses.
>> THere
>>> are subdomains pointing to each of the IP addresses.
>>>
>>> We turned on SSL and have 2 different certificates for each site
>>> (running
>> on
>>> 2 different IP addresses). Everything seems to be working fine, unlee
>>> you view the certificate.
>>>
>>> The certificate running on the first site is correct. The certificate
>>> the should be on the second site is actually the cert for the first
>>> site. We can't seem to get the second certificate to be served for the
>>> second site. Any thoughts or ideas for making this work correctly?
>>

Re: Muliple Websites on Mutliple IP address with certicles [SSL]

Should it make a difference that even though these are on different IP
addresses, they are still subdomains:

product1.sfwater.org
product2.sfwater.org

As opposed to different domains altogether (as in the above example)

BTW, Thanks for all the great help!

"Daniel Crichton" wrote:

> That's not true. It's one SSL certificate per IP address. I have 3 SSL certs
> running on my server with 3 different IPs.
>
> Dan
>
> Marcelo wrote on Thu, 27 Apr 2006 18:00:33 -0400:
>
> > By design Windows only accept one certificate working on IIS. But there
> > is the change to use a wild-card certificate (*.yourdomain.com)
> >
> > Hope this help
> >
> > "Jennifer" wrote in message
> > news:E8B17723-0054-47D2-B84D-0DE71D998FD0@microsoft.com...
> >> We are running win 2K and IIS.
> >>
> >> We have 2 websites configured, each running on different IP addresses.
> > THere
> >> are subdomains pointing to each of the IP addresses.
> >>
> >> We turned on SSL and have 2 different certificates for each site (running
> > on
> >> 2 different IP addresses). Everything seems to be working fine, unlee you
> >> view the certificate.
> >>
> >> The certificate running on the first site is correct. The certificate the
> >> should be on the second site is actually the cert for the first site. We
> >> can't seem to get the second certificate to be served for the second
> >> site. Any thoughts or ideas for making this work correctly?
> >
>
>

Re: Muliple Websites on Mutliple IP address with certicles [SSL]

Jennifer wrote on Fri, 28 Apr 2006 13:48:02 -0700:

> Should it make a difference that even though these are on different IP
> addresses, they are still subdomains:
>
> product1.sfwater.org
> product2.sfwater.org
>
> As opposed to different domains altogether (as in the above example)
>
> BTW, Thanks for all the great help!

In that case, can you check with a different browser? I've had issues with
IE6 caching SSL information in the past, but only when using a different
port on the same hostname and IE would display the cert details for
whichever connection was made first eg. SSL on port 443 running IIS, and
RemotelyAnywhere running SSL on port 2001, if I connected IE to RA and then
without closing IE connected to https on IIS, I'd see the information for
the RA certificate in the SSL properties.

Different hostnames with the same domain shouldn't make a difference
compared to my current setup of 3 certs for completely different hostnames.
It might be something messed up in your metabase that is causing one of the
certs to be bound to all sites instead of just the one it should be. Have
you tried removing both certs and reattaching?

Dan