Azure web role - Multiple ssl certs pointing to a single endpoint

Question

Is there a way I can have multiple ssl certificates point to a single inputendpoint in a service definition? For example, lets say I have two url\'s.

service.foo.ne

Answer 1

Unfortunately this is not possible. Azure is re-exposing an SSL limitation. The SSL limitation is interesting, and the reason you can't use v-hosts over SSL. Lets walk through an example:

1. You connect to https://ig2600.blogspot.com
2. That resolves to some ip address - say 8.8.8.8
3. Your browser now connects to 8.8.8.8
4. 8.8.8.8 must preset a certificate before your browser will send any data
5. the browser verifies the ceritificate presented is for ig2600.blogspot.com
6. You send the http request, which contains your domain name.

Since the server needs to present a certificate before you tell it the host name you want to talk to, the server can't know which certificate to use if multiple are present, thus you can only have a single cert.