Basically, you have a website that has to be SSL enabled, but different URLs for different groups of users. Ie. internal company users might use www.abc.edu vs external might use www.abc.com, or whatever.
To do this, you need a SAN Certificate (Subject Alternative Name Certificate). A SAN cert allows for multiple domain names to be protected with a single certificate.
The SOP to generate it is below in the reference. Send the certreq file to your preferred CA (Certificate Authority) and they will send back a SAN cert. Bind that new cert to your SSL binding for the website and either any and all URLs in the SAN cert will work as a SSL link.
Adding another DNS to the SSL, would require a new SAN cert be generated with all the valid DNS' listed, including the new one.
Reference:
http://blogs.msdn.com/b/andrekl/archive/2008/09/24/how-to-generate-a-csr-for-an-iis-website-using-the-windows-vista-server-2008-certificates-mmc-plugin.aspx
http://blogs.msdn.com/b/varunm/archive/2013/06/18/bind-multiple-sites-on-same-ip-address-and-port-in-ssl.aspx
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment