问题
We have a Windows Server 2003 machine running IIS6.0 that hosts two different websites. We purchased an SSL certificate for both domains, but then discovered we couldn't use both at once because SSL uses port 443, and I can't set both domains to use that port number.
So my question is, is it possible to host https://www.domain1.com and https://www.domain2.com on the same IIS 6.0 server? If so, how can I do this?
回答1:
As @Bahri Gungor said the way to do this is for the server to have multiple IP addresses, have the different domains attach to different IPs and then you should be able to have each have a seperate SSL certificate.
Windows Servers can be assigned lots of IP addresses, then depending on your network setup you could change the DNS records for your different domains to point to the different IP addresses. Remember DNS changes take a while to role through the network (depending on their time-to-live). So you need to have the domain you move hosted on multiple IP addresses until all clients have the new DNS records. See the following
- http://technet.microsoft.com/en-us/library/cc722518.aspx
- http://www.windowsnetworking.com/articles_tutorials/understanding-advanced-tcp-ip-settings-windows-2003.html
- http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/74097d64-d3d7-4b07-a1b7-0be86494ba97.mspx?mfr=true
Why?
How I assume you have things configured is serving both domains off the same port and the same IP address, and have IIS choose the different WebSite based on the host-header. The host-header as the name implies is part of the http headers sent to the server with the request, when using HTTPS this information is encrypted using the SSL certificate. So if your could have multiple certificates servered off the same port and IP address IIS would not know which certificate to decrepit the incoming request.
Wild Card Certificates
One way round this is if you have multiple sub-domains they can share one SSL certificate then you can use host-headers to choose which site the user is interested in so if you had
a.example.com
b.example.com
c.example.com
You could get a certificate for
*.example.com
Then the websites for the subdomain could share one SSL certificate and the same IP address and port.
来源:https://stackoverflow.com/questions/9501530/can-iis6-0-host-two-ssl-certificates