[thelist] Two Extranets ... Same Intranet?

darren darren at web-bitch.co.uk
Fri Sep 19 10:38:54 CDT 2003


On Friday, September 19, 2003 at 16:07, Rob Smith wrote:

RS> The Rep.Thermon.com should point to a totally different extranet, but it
RS> points to our first one instead. I have all 3 sites set up on our server.
RS> All of them have "All-Unassigned" IP's (AT&T and our DNS Server handles the
RS> pointing). They all also have the appropriate host headers. Since our
RS> "inside" extranet was set up first, it assumes the port 80 and SSL 443 to be
RS> extranet it is. We added the "rep" later, on the same ports. It's supposed
RS> to be pointing to a different site. 

RS> What's going on here? 

simply, host headers and ssl don't work together! :>

the host header information that iis uses to direct you to the right site
is encrypted as part of the ssl process.  this means that when you try
and access https://rep.thermon.com iis doesn't know where to direct you,
so you end up at the first site that can handle ssl with any ip address -
https://inside.thermon.com.

if you want to use ssl you need to have a unique ip address for each site
you want to access.  alternatively, there are ssl off-loaders that do all
the encryption/decryption for you, so iis sees the host header
information and can direct you appropriately.

hth,

darren.



More information about the thelist mailing list