Multiple SSL Certificates on 1 Server

By jiayi_chao ·
Hello. I was recently tasked with consolidating multiple websevers (win2k3)into one Win2k3 server. The problem I'm getting is W3SVC errors stating

"One of the IP/Port combinations for the site 'blahblah' has already be configured to be used by another site. The other site's SSL configuration will be used."

I currently have 2 certs on the server and 2 IP addresses assigned to the NIC. Do I need to have an individual IP Address for each site to get rid of the error? The sites all currently work and show the correct certificates but the W3SVC errors are giving me headaches.

After further research the server I'm copying has the same errors on it. Is there a security risk or any risks that I need to know about?

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

what O/S are you using???

by CG IT In reply to Multiple SSL Certificates ...

are you using a Windows server with IIS? or a Linux server? the W3SVC references a Windows component but... need to be specific here.

What your using to host web sites mkes a big difference....

Collapse -

I'm sorry

by jiayi_chao In reply to what O/S are you using???

IIS 6.0

Collapse -

yes and????????????

by CG IT In reply to I'm sorry

you using virtual servers for each web site? and you have assigned different SSL certificates for each site? are you suing port 443 for both sites?

Collapse -

more info

by jiayi_chao In reply to yes and????????????

I'm not using a virtual server for each site. It's just one server with 16 sites. I have assigned one wildcard cert to 14 sites and a different wildcard cert to the remaining 2. I am using 443 on all the sites.

The sites appear to work fine and I can view the certificates on them.

Collapse -

see MS Technet for IIS 6.0 and multiple SSL certificates

by CG IT In reply to more info

Microsoft Technet has your answer...

The following conditions apply to the use of SSL host headers:

? SSL host headers cannot be configured by using the IIS Manager UI.

? Using SSL host headers requires that the wildcard certificate be installed on each Web site from which you want to serve protected content. This adds overhead to site management, because you must manually ensure that multiple sites are kept in sync with each other.

? You must configure secure bindings for each Web site that uses the wildcard server certificate to prevent unauthorized use of that certificate.

This section includes the following information:

? Obtaining and Installing a Wildcard Server Certificate: Describes how to request a wildcard server certificate and install it on a Web site.

? Configuring Server Bindings for SSL Host Headers: Describes how to configure the SecureBindings metabase property to create SSL host headers for each Web site that you want to enable to use the wildcard server certificate.

? Ensuring That Secure Content Is Served Over HTTPS Only: Describes how to prevent unauthorized Web sites from using the wildcard certificate.

Note: the technet newsgroup for IIS will probably have an answer for you on how to get rid of your error messages that popup in the logs.

Back to Networks Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums