Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11How to host different SSL on an IP address using IIS 8 SNI?
Before IIS 8, you can host multiple websites that need SSL on a single IP address if they use SSL (SSL Certificate) or use a Wildcard SSL Certificate. A Wildcard Certificate is only useful if an existing site or a domain (Domain) needs SSL on a subdomain (Subdomain) higher.
But what if the website has different names? You will then have a Subject Alternative Name Certificate (SAN Certificate). This SSL certificate allows you to protect multiple websites with just one SSL (SSL Certificate) certificate.
The last option is available before IIS 8 requires setting up additional SSL on each site on the same IP address, but with different SSL port numbers. This will allow you to use SSL of each site / domain on the same IP address but different site.
By default, SSL (SSL Certificate) certificates use port 443 for the security protocol. This port does not need to be specified in the URL because this is the standard port. When you use some other port for SSL, you will be asked to add an unqualified SSL port number in the URL so it works.
And you can imagine that this is not how you want to run a public website. How does a user know how to enter the port number and that is not the common steps that users are familiar with when browsing a website.
Adding an IP address to host another site that requires SSL is a common method used, but in some cases this solution is not a great option for users.
With the introduction of IIS 8 on Windows Server 2012, a new feature called Server Name Identification (SNI) has been added. This feature provides users with a solution to easily store many different SSL sites on the same unique IP address.
By default this feature is integrated on IIS 8 and does not require installation of any additional features to start using the feature. In the section below, Network Administrator will guide you through the steps to configure SNI.
One thing to note when adding SNI to an SSL solution is that SNI will not work with users who are using Internet Explorer on Windows XP.
If your server has multiple IP addresses, you can add SNI to some other websites by assigning individual web pages to a unique IP address for SSL. Both of these methods will work together on other IP addresses without any problems.
Also readers can refer to the article: What is SSL? Is SSL important to the website? here.
Steps to take:
1. The first step you need to perform is to import (SSL) SSL certificate for each site on the server (server) if not already available.
2. The next step is to open IIS 8 Manager and add the first site that needs SSL.
If the first page is available, follow the steps below.
3. After the site has been added to the page selection, click on Bindings . located on the Actions menu in the right pane.
4. Click Add .
a. In the Type box, select https .
b. At the IP address frame, you can leave the setting as All Unassigned or select the IP address you want to use (If there are multiple IP addresses on the server (server), you will have to specify a specific IP address. that you want to use for SNI).
c. Enter your site / domain name in the Host name box.
d. Check the box Require Server Name Indication .
e. Choose SSL certificate (SSL Cetificate) for your website from the Dropdown Menu.
f. Click OK .
5. Create a second website and add SSL binding, follow the steps below.
6. Select Bindings and click Add .
a. In the Type box, select https .
b. At the IP address frame, you can leave the setting as All Unassigned or select the IP address you want to use (If there are multiple IP addresses on the server (server), you will have to specify a specific IP address. that you want to use for SNI).
c. Enter your site / domain name in the Host name box.
d. Check the box Require Server Name Indication .
e. Choose SSL certificate (SSL Cetificate) for your website from the Dropdown Menu.
7. Click OK to complete the process.
That's all you need to do. Check SSL for the site to make sure that on each SSL site has been functioning properly. If you want to add SSL to multiple websites, you take the same steps to add SSL binding for each site.
Refer to some of the following articles:
- Instructions for setting up individual FTP Server with FileZilla
- Quick fix error 107 net :: ERR_SSL_PROTOCOL_ERROR: SSL protocol error on Chrome browser
- VPN theory - What is a virtual private network?
Good luck!
Jessica TannerYou should read it
- Facebook host file, How to edit the host file on facebook 2017
- What is a computer host file and how to edit a host file?
- Protect computer network with Bastion host (fortress server) in just 3 steps
- Fix Service Host Local System status using multiple CPUs in Windows 10
- How to create a new host file on Windows
- Fix SysMain Service Host using a lot of CPU and memory in Windows 10
- 9 types of servers that can be hosted on Raspberry Pi
- How to open the Host file on Windows 10, edit the hosts file
May be interested
- How to create WiFi hotspot on UC Browser web browser
uc browser is a web browser for computers with rich features, fast surfing speed, especially can use the computer to become a free wifi hotspot. - How to turn off auto-fill forms on Chromeauto-fill feature (autofill) on chrome is a feature to automatically fill in personal information such as name, address, email, phone number, ... however, this will make it easy for hackers easy to steal user information.
- How to enter the saved password on Internet Explorer to Edge browserare you using the edge browser familiar on your windows 10 computer and now switch to using the edge browser as the default browser. and you want to transfer all saved passwords, bookmarks, browsing history and other data from internet explorer to microsoft edge browser, but don't know how.
- Open Inspect Element and View Source on Microsoft Edge browserif you are a developer, you may have to use the site's source code. and you may also have to use the inspect element tool to find a specific code and design of a website. if you are using the microsoft edge browser, the view source and inspect element options are disabled by default.
- How to add account on Coc Coc browserdue to business needs, you need to use many personal accounts on coc coc. and we can completely log back and forth between accounts on the same browser window of coc coc.
- What types of SSL Certificates are there?globalsign is the first ssl provider to provide simple ssl certificate - neat and simple in 3 ssl classes defined domain domain validation (dv), organization validation (ov) and extended validation (ev). with 15 years of experience in providing reliable ssl solutions, globalsign has pioneered and is one of the simplest methods for 3 classes of ssl to emerge in recent years.
What is DHCP or dynamic host configuration protocol?
How IP addresses work
What is a subnet mask?
How to configure static IP address on Ubuntu 22.04 LTS and 22.10
How does IP address and MAC address work in parallel?