If you are running IIS, you can assign one server certificate to multiple virtual web sites. It is not necessary to get a separate certificate for each web site.
That said - I have a problem getting just one SSL site running properly. Certificate is ok, listening on port 443. but continues to get "unable to display page" error. System is Win2k Adv Server - IIS 5.0 CF 5.0 > > ---------------------------------------------------------------------- > > Date: Thu, 27 Jun 2002 09:51:54 +0200 > From: Jochem van Dieten <[EMAIL PROTECTED]> > Subject: Re: Pointing multiple sites to the same IP > Message-ID: <[EMAIL PROTECTED]> > > Mark A. Kruger - CFG wrote: > > Chris, > > > > <ha> You give me too much credit. This is my "pro-bono" box. I set it up > > myself and I can tell you that there's no custom 403.3 setup. The server > > has a single IP and about 5 virtual sites mapped to it. The only one with a > > CERT is "secure.cfwebtools.com". Apparently, since it's the only 443 port > > listening - it gets the SSL traffic by default. It does generate an initial > > error message regarding the CERT not matching the host info. > > I hope you are not saying you have multiple ports 443 on that IP and > that only one is listening :) > > The way I always look at it is that you have 1 port 443 for each IP > address. HTTPS traffic goes to that port by default. > Normally setting up multiple hosts on 1 IP address is done through > hostheaders. But hostheaders are part of a page request. And since a > pagerequest is encrypted, you need the certificate to decipher the host > headers. But if you have multiple certificates, you can not decipher the > hostheaders *before* you have been able to read them to decide which > certificate to use. > > Hence, 1 certificate for each IP/port combination. The solution would > obviously be to add more IP addresses to be able to use more > certificates. (It is also possible to use different ports,like we have > "secure.domain" on port 443 for web, "mail.domain" on port 993 for > secure mail and "postgresql.domain" on some other port for secure > database connections, but I would not do that for a general public website.) > > Jochem FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
