IIS SSL issues

Cannot run 2 websites on 443 for ssl

         

Red_Eye

3:20 pm on Feb 8, 2006 (gmt 0)

10+ Year Member



I have a webserver that I am using for testing a new site. The site requires SSL for some of its pages. IIS already has a website with SSL running on it; the SSL port for this site is 443. I have created a self-signed SSL certificate for testing the site (using the IIS resource kit). The certificate is set up for port 444, and in the settings for the website I have set the SSL port to 444. However, when I type [<testdomain>...] it sends me to the other SSL-protected website. I can get it to work if I type [<testdomain>:444...]
How do you set up IIS so that you can have multiple SSL-protected websites?

aspdaddy

6:52 pm on Feb 8, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



SSL = Encrypted host headers, so unless you have 2 public IP addresses, or use SSL bridging (which needs a second SSL server), I don't think you can do it. Could be wrong...

LifeinAsia

7:16 pm on Feb 8, 2006 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



For the domain using port 443, you'll have to set up a redirect to [<testdomain>:444....] Or use a second IP address.

Red_Eye

10:13 am on Feb 9, 2006 (gmt 0)

10+ Year Member



I thought this would be the case. I have been doing a bit of reading myself and you can edit the IIS metabase. There is a sslhostheader setting. But the problem with this is that you need a wildcard certificate. I can't believe that there's not a way to do this.

john_k

3:09 am on Feb 10, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Assign another IP address to the machine. Then use port 443 for both sites, one on each IP address.

btw: The problem with setting up a redirect as described above is that the request for the second domain will most often not be processed far enough to get to the redirect logic. The server/browser SSL handshaking will try to negotiate everything under the certificate of the 1st domain. This will result in the user getting a prompt from their browser to indicate that the domain of the URL does not match the name in the certificate. All of this takes place BEFORE the browser even sends the request for the actual page. So the processing would hit the redirect logic only if the user chooses to proceed anyway.
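
The order of events described in the last post, as an added example that is not part of the original thread: a small Python model (not IIS code) in which the server has to choose a certificate knowing only the IP address and port, and the browser checks the name before any page request is sent. The site names, host names, addresses and helper functions are constructed for illustration.

```python
# Added example: models the order of events in an HTTPS request; it is not IIS code.
# Site names, host names and addresses below are constructed for illustration.

class BindingConflict(Exception):
    pass

def add_binding(bindings, ip, port, site, cert_name):
    """Register an SSL site. One (IP, port) pair can hold one certificate."""
    if (ip, port) in bindings:
        raise BindingConflict(f"{ip}:{port} already serves {bindings[(ip, port)]['site']}")
    bindings[(ip, port)] = {"site": site, "cert_name": cert_name}

def request(bindings, dns, url_host, port=443):
    """Follow one request step by step; return (outcome, site that answered)."""
    ip = dns[url_host]
    # 1. Handshake: the server picks a certificate knowing only IP and port.
    chosen = bindings.get((ip, port))
    if chosen is None:
        return ("no listener", None)
    # 2. The browser compares the certificate name with the URL host,
    #    before any HTTP request (and so any Host header) is sent.
    if chosen["cert_name"] != url_host:
        return ("name mismatch warning", chosen["site"])
    # 3. Only now does the request reach the site and its redirect logic.
    return ("ok", chosen["site"])

def single_ip_setup():
    dns = {"live.example": "192.0.2.10", "test.example": "192.0.2.10"}
    b = {}
    add_binding(b, "192.0.2.10", 443, "live", "live.example")
    add_binding(b, "192.0.2.10", 444, "test", "test.example")
    return b, dns

def two_ip_setup():
    dns = {"live.example": "192.0.2.10", "test.example": "192.0.2.11"}
    b = {}
    add_binding(b, "192.0.2.10", 443, "live", "live.example")
    add_binding(b, "192.0.2.11", 443, "test", "test.example")
    return b, dns

if __name__ == "__main__":
    b, dns = single_ip_setup()
    print(request(b, dns, "test.example"))        # answered by the live site
    print(request(b, dns, "test.example", 444))   # works, as in the first post
    b, dns = two_ip_setup()
    print(request(b, dns, "test.example"))        # works on 443 with a second IP
```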