Multiple sites using host headers and SSLRSS

5 replies

Last post Jul 27, 2009 06:55 AM by ukinet

  • Multiple sites using host headers and SSL

    Jul 21, 2008 12:22 AM|Jason Hill|LINK

    Hi,

    We have a site that runs with 9 different skins that are all driven by the domain name (due to partnership arrangements).

    This is all configured in IIS7 as a single website with host headers and the application dynamically presents the correct skin after inspecting the domain name in the URL.

    We want to secure parts of our site with SSL (login and registration) but this would require us to break each domain name into a separate IIS website right? This is not desirable because we use NHibernate with caching and don't want to end up with 9 independant caches in memory.

    Is there anything that we can do with URL rewriting or ARR to workaround this so that we can drive all SSL traffic through a single domain with a single SSL certificate thereby maintaining the single website in IIS?

    Thanks,

    Jason

  • Re: Multiple sites using host headers and SSL

    Jul 21, 2008 08:38 PM|ruslany|LINK

    Jason Hill

    We want to secure parts of our site with SSL (login and registration) but this would require us to break each domain name into a separate IIS website right? This is not desirable because we use NHibernate with caching and don't want to end up with 9 independant caches in memory.

    It is not clear to me why you have to break each domain name into a separate site. Cannot you have a single certificate configured for several different host headers and then use that certificate to negotiate SSL for all those domains?

    SSL

  • Re: Multiple sites using host headers and SSL

    Jul 21, 2008 09:00 PM|Jason Hill|LINK

    Can you do that? I thought that a certificate could only be associated with a specific domain name, e.g. www.abc.com or for a wildcard, e.g. *.abc.com. But I have several different domains, e.g. www.abc.com, www.xyz.com, www.somethingelse.com.

    If there was a way for me to pipe all my SSL through a single certificate while still preserving the different domain names in the url and a single website in IIS, then that would be perfect.

  • Re: Multiple sites using host headers and SSL

    Jul 22, 2008 07:25 PM|Jason Hill|LINK

    OK...I think I get it now.

    So, we can just have different bindings in the single IIS website that point to different SSL certificates for each domain. We would just need to have each binding with a unique IP + port combination...right?

  • Re: Multiple sites using host headers and SSL

    Jul 23, 2008 02:28 PM|thomad|LINK

    Thomas Deml
    Group Program Manager
    Internet Information Services
    Microsoft Corp.
  • Re: Multiple sites using host headers and SSL

    Jul 27, 2009 06:55 AM|ukinet|LINK

    You could use a SAN (Subject Alternate Name) certificate, which allows you to have multiple domain names in once SSL certificate.