1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL Traffic to Server (IIS experts very welcome)

Discussion in 'HTML, Graphics & Programming' started by gord, 12 Mar 2010.

  1. gord

    Capodecina

    Joined: 18 Oct 2003

    Posts: 19,345

    Location: Midlands

    Hello all,

    On our IIS webserver we have 1 site configured to use SSL. It's all working fine, but all https requests to the server are redirecting to that one site and we don't want that really.

    So, e.g. the SSL is set up for the domain of store.oursite.com

    https://store.oursite.com - gives the proper site with the right url

    https://store.test.com - gives the proper site but with the wrong url
    https://98.76.54.321 (server ip) - gives the proper site with the ip in the url

    Why does SSL do this on IIS?

    Can we change it so that only the one site uses the SSL?

    Any help is much appreciated. Thanks.
     
  2. daz

    Capodecina

    Joined: 18 Oct 2002

    Posts: 24,020

    Location: Bucks

    Is the site that uses SSL on its own IP address?
     
  3. gord

    Capodecina

    Joined: 18 Oct 2003

    Posts: 19,345

    Location: Midlands

    Don't think so, its set to default in the headers config on IIS so I assume its using the servers IP. We have a few web apps hosted on the same web server.
     
  4. daz

    Capodecina

    Joined: 18 Oct 2002

    Posts: 24,020

    Location: Bucks

    It needs to be on its own IP. Sites without SSL can be on a shared IP, but sites that need SSL need to have a dedicated IP each.
     
  5. gord

    Capodecina

    Joined: 18 Oct 2003

    Posts: 19,345

    Location: Midlands

    Thanks daz, that's a golden nugget of info I could have used some weeks back. At the risk of sounding completely incompetent.. will our hosting service provide a different dedicated IP for the site?
     
  6. daz

    Capodecina

    Joined: 18 Oct 2002

    Posts: 24,020

    Location: Bucks

    You may have to pay a little extra per IP, but because it is for SSL it means it is a technical requirement and as such shouldn't be a problem. (As opposed to wanting dedicated IPs just for the sake of it/some SEO rubbish)