David
Tue Mar 11 05:42:38 CDT 2008
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/5=
96b9108-b1a7-494d-885d-f8941b07554c.mspx?mfr=3Dtrue
You can choose wildcard, or certificate with multiple CN=3D fields. You
will probably use multiple CN=3D fields
As you are going down non-default route, don't bother with the IIS UI
since it isn't designed for it. Just go to your Certificate Authority
source, pay, and request a certificate which has multiple CN, one for
your www.oursite.ca and the other for www.oursite.com
After you get your private/public key pair from the CA, install it in
the Local Machine Personal store, with Private key marked Exportable,
of the IIS server. Save the original keypair somewhere safe.
Then, set up IIS website responding for www.oursite.ca and www.oursite.com
to use that certificate. Check your configuration with SSL
Diagnostics.
http://www.microsoft.com/downloads/details.aspx?familyid=3D9bfa49bc-376b-4a5=
4-95aa-73c9156706e7&displaylang=3Den
At this point, you have one IIS website which has a certificate valid
for two domain names, and if you have DNS entries that route both
hostnames to the same IP, SSL clients won't complain about www.oursite.com
nor www.oursite.ca. They will complain if you expand beyond .ca
and .com one day, but you'll need to purchase another certificate what
that day comes.
//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
On Mar 10, 8:12=A0am, "Chris Newald" <cnew...@cars-council.ca> wrote:
> Hello David,
>
> Thank you for the response.
>
> Method 1 seems exactly what we want although I'm a bit confused. =A0What i=
s
> CN? =A0Do you mean CSR (certificate signing request)? =A0If so, how do I a=
dd two
> sites to a csr? =A0When you create a new CSR using IIS there is only space=
for
> one domain name.
>
> Thanks again,
> Chris
>
> "David Wang" <w3.4...@gmail.com> wrote in message
>
> news:955c5e27-baf0-472e-9bf4-9f62fe09d477@e23g2000prf.googlegroups.com...
> On Mar 7, 12:34 pm, "Chris Newald" <cnew...@cars-council.ca> wrote:
>
>
>
>
>
> > Hi there,
>
> > Is there a way to add two SSL certificates to one website in IIS 6.0?
>
> > We've had a successful .ca website running for a few years that sells
> > services in Canada. It has an SSL certificate installed and takes online=
> > orders without any problems. Our site is country specific and we've
> > recently purchased the .com version that we hope will sell services to U=
S
> > customers.
>
> > What we want is for someone to typewww.oursite.catobe able to use the
> > Canadain version securely whilewww.oursite.comcustomersonly see the .com=
> > version. Currently when you go to the .com address the pages show up
> > perfectly until you try to access the secure HTTPS section - it makes
> > sense
> > that the security certificate gives an error because it's for the .ca
> > domain. How can we make this work without actually having two separate
> > sites?
>
> > Thanks in advance,
> > Chris
>
> One IIS Website can only have one SSL Certificate.
>
> Your only choices are:
> 1. Purchase a different SSL Certificate which has a CN for bothwww.oursite=
.ca
> andwww.oursite.com, and assign it to your website.
> 2. Use two websites, one with SSL Certificate forwww.oursite.caand
> the other forwww.oursite.com
>
> These restrictions come from SSL itself, not IIS. I can explain if
> necessary, but these are the simple facts.
>
> //David
http://w3-4u.blogspot.comhttp://blogs.msdn.com/David.Wang
> //- Hide quoted text -
>
> - Show quoted text -