Forum Moderators: open
Any Idea?
SSL implies that you have purchased a certificate from GoDaddy or GeoTrust or Verisign and have installed it on your web server.
You'll need a static IP for the domain name (can't be shared) and port 443 opened on the firewall.
Infact I have login facility in website, user has the facilities of messaging, Address Book, Calendar, File Sending to other Intranet/Internet users and Personal My Documents.
Hazee.
If you encrypt all yopur pages then your site will slow down considerably.
Other than encryption - for ecommerce sites it gives the user 'some' origin integrity - the data collector are who they say they are and no man-in-the-middle interception is going on. SSL is sometimes called browser based VPN.
If you know what I mean!
Therefore, to have more than one domain on a single IP address requires the server be able to examine the headers (Host Header Name on IIS). But the decryption happens after that point.
but can you run multiple web sites on different domains, each with their own SSL certificate on the same IP?
No, each SSL site needs its own IP
One workaround is to put the ssl server in front of another published (non ssl) web server with the multiple sites on.
The ssl server sends a cert to the user, creates the tunnel and then de-encrpts the requests, but forwards them to the 2nd web server using standard ports.
The trust is with the ssl server not the web server (unless you use ssl bridging) but as they are on the same local network it may not be an issue.
If you do have multiple web sites with one ssl gateway you will need high RAM for encryption/de-encryption overheads & possibly hardware accelerated ssl (pci card) which are quite expensive.
