[thelist] ASP question
Scott Dexter
sgd at ti3.com
Thu Aug 24 10:36:40 CDT 2000
>
> >I'd look into writing an ASAPI dll
>
> I think Scott meant to type "ISAPI" dll.
>
Yes, Thanksh
<tip type="obscure IIS fun">
(note, I'm writing in first person for the fun of it)
I have multiple web sites on one NIC, and everything is cool. --I've got the
host headers defined in the MMC so people get to their sites properly.
Now, throw in the monkey wrenches:
* Through some decision I wasn't a part of, there's now a firewall in front
of my server. Port 80 and 443 are the only two open (443 is for SSL)
* Two of my clients want to have secure sites
Okay, no problem. Just get the certificates, and bind to port 443 ... shit.
I can't bind more than one SSL certificate to the same port. --That's right.
I don't know if its IIS or the RFC, but one can not attach more than one
certificate to the same port.
Alllrighty then, I'll just take web site #2 and use port 1443 for SSL, and
then in the firewall, I'll remap it so when anyone comes through it looking
for web site #2's SSL (on 443) it gets translated to port 1443 from the
firewall to IIS.
Hot Dog! It works! ... until I get a call from client #2. They can't get to
the SSL part of the site. wtf?!
IIS does funny things sometimes. Request https://www.client2.com/mall/ and
everything is cool. Request https://www.client2.com/mall (notice there is
no trailing /) and IIS sends back a redirect --with the port number-- to the
right spot: https://www.client2.com:1443/mall/
This is a problem; I don't have 1443 open on the firewall. No wonder they
can't get in. My workaround until I can research and strangle the right
people? --Open port 1443.
ugh. Anyone wanna see if Apache does the same?
</tip>
More information about the thelist
mailing list