[thelist] Quick SSL Cert Question

Anthony Baratta Anthony at Baratta.com
Wed Jun 23 11:54:59 CDT 2004


Quick answer: for every unique domain name "string" you need a unique IP 
for each cert.

	sub1.foo.org -> IP1
	sub2.foo.org -> IP2

NOTE: foo.org and www.foo.org are two different domain "strings" for SSL 
cert purposes.

I currently have multiple domains with multiple certs on my IIS boxen. I 
have all the domains unassigned by default (http) and only assign the cert 
(https) to the IP the DNS records will have the domain listed at. This way 
you only have to assign an IP to a domain other than the default catch all 
IP for those with certs and if you remove it the http stays unassigned.

Hope that helps.
-- 
Anthony Baratta
President
Keyboard Jockeys

"Conformity is the refuge of the unimaginative."



More information about the thelist mailing list