: SSL Certificate and IP Binding I try to setup SSL on my server for only one web site (I have few there using IIS7). I bought an SSL certificate, installed it but when I come to bind I
I try to setup SSL on my server for only one web site (I have few there using IIS7).
I bought an SSL certificate, installed it but when I come to bind I don't have to option to specify the host name. From reading some posts here I understood I need a distinct IP address.
I didn't purchase a wildcard certificate, I got staging.mydomain.com.
My question is:
My server has a distinct IP, can I use it although I have other sites there but they don't need ssl?
If I do need to buy dedicated IP. What does it involve?
More posts by @RJPawlick198
3 Comments
Sorted by latest first Latest Oldest Best
In answer to your question:
1 . My server has a distinct IP, can I use it although I have other sites
there but they don't need ssl?
There is really no mucking about when it comes to SSL, your site will need its own IP address for a single domain SSL. There are various hacks and bodges I've seen people do over the years, they all end in tears.
2 . If I do need to buy dedicated IP. What does it involve?
If you're self hosting your server in an office/home at the end of a DSL or cable service then you need to ask your provider for a range of static IP addresses. If your server is rented from a hoster (RackSpace, Orcs etc) or it's your own hardware in a data-centre then you'd need to ask the hoster or IP transit provider for more IP addresses.
As to cost, this can vary from one-off payments of around for a /29 (6 usuable addresses) to annual renting of an IP address of perhaps per IP/per year. It will vary enormously from provider to provider.
One thing to note is that if you change DSL/Cable/Hosting/Transit provider - you can't take the IP addresses allocated with you. They are part of their larger allocation from a regional internet registry and "owned" by them.
1) You can have multiple websites on the same machine. In apache, you can put in multiple virtual hosts with different webroots.
2) A normal certificate is only valid for example.com and example.com.
3) You do not neccesarilary need a static IP from your ISP. You can look into dynamic DNS with a provider such as dyndns. They'll give you a program to update your current IP with their dns records so your domain points to the right spot. However, that will cost money to use your own domain name.
Yes. However since host headers are ignored for SSL, all SSL traffic, even those for other sites, will go to the site which supports SSL, since 443 will be bound to just one site.
Then that certificate will only work for that domain.
Contact your hosting provider / ISP.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.