{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 欢心 的问题《IIS 7 SSL for multiple sites with a single IP》','https://www.manongdao.com/q-466145.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have a single IIS 7 server with a single IP address. Site 1 has an SSL cert for www and Site 2 has a wildcard SSL cert for various subdomains. Both sites use host headers to direct traffic off the single IP address. However, when I try to access a subdomain on Site 2 I see a browser warning telling me that the SSL cert is wrong and shows me the information for Site 1. Help!
相关问题
- Mechanize getting “Errno::ECONNRESET: Connection r
- Tomcat and SSL Client certificate
- Can we add four protocols to ServicePointManager.S
- .NET Core gives unknown error while processing HTT
- JDK 11. javax.net.ssl.SSLPeerUnverifiedException:
相关文章
- ssl配置问题
- Intermittent “sslv3 alert handshake failure” under
- XCopy or MOVE do not work when a WCF Service runs
- Making a two way SSL authentication between apache
- decrypt TLS 1.2 AES-GCM packet
- How to use Jetty with Let's Encrypt certificat
- The 'DbProviderFactories' section can only
- Sending email using php, gmail, and swiftmailer ca
If you add the certificates with the friendly names beginning with an asterisk then you can edit the hostname field within the Bindings for each site.
So we had a certificate added as "ssl" (imagination was lacking at the time) which when added to two different sites actually used the first site regardless of domain name passed in (as the bindings had no hostname).
We removed and then added the certificate again as "*ssl" (again no imagination but we were tired by this point) and within the bindings for each site we were able to add hostnames and https calls to the domain names actually went to the right websites. We then had beer.
This guy did it for self-signed certificates but it worked for our SAN one too: https://wiki.gutzmann.com/confluence/display/HowTo/IIS+7.5+-+Multi-homing+for+HTTPS+with+self-signed+certificates
Until SNI is fully supported, you can only have one certificate per IP address. If you can get a certificate that covers both sites (a wildcard or a UC certificate, for example), you can set up SSL Host Headers to allow both sites to be secured.
IIS 8 in Windows Server 2012 now supports this feature (SNI).