Secure connections with Domain aliases running on IIS7

Question

I have a site that can be accessed through example.com. I can secure traffic to and from this site by installing a certificate on the web server that is tied to the example domain.

Now, I have another domain, example2.com. I set up domain aliasing for this domain to access the same site as can be accessed by example.com. I want to secure traffic to and from the site as accessed via example2.com. It is likely that in the future, I will want to set up other domain aliases to access the site and would also want to secure traffic to and from the site from these too.

As I understand it, SSL certificates are tied to domains. Would I need a certificate then for each domain that I alias to point to my site? Secondly, I also understand that IIS 7 can only be configured with one certificate for an IP and port, therefore, what are the options available for securing traffic to and from a site accessed via multiple domain aliases? Is this possible?

Answer 1

With IIS 7/7.5 your only option is to use separate IP addresses (or ports, but not really acceptable for public facing sites) and to bind each site with it's SSL certificate to that IP address.

IIS 8 will support the Server Name Indication extension of TLS which will allow you to bind multiple SSL sites to the same IP address/port based on the host name. It will be transparent and the binding will work the same as with non-HTTPS sites.

Answer 2

Sorry if I'm wrong, I'm not an IIS expert, but I think you can ask for a certificate with aliases.

If you want an example you can see the certificate for upcnet.upc.edu.

In the "Certificate Subject Alt Name" you can see:

Not Critical

DNS Name: sylar.upc.es DNS Name: ca1.upc.edu DNS Name: ca2.upc.edu DNS Name: camins.upc.edu DNS Name: catedraeveris.upc.edu DNS Name: catedratelstar.upc.edu DNS Name: ceib.upc.edu DNS Name: cemad.upc.edu DNS Name: cmem.upc.edu DNS Name: congresoeben2011.upc.edu DNS Name: cuv.upc.edu DNS Name: dcen.upc.edu DNS Name: deab.upc.edu DNS Name: dehma.upc.edu DNS Name: doe.upc.edu DNS Name: ec.upc.edu DNS Name: eel.upc.edu DNS Name: ega1.upc.edu DNS Name: ege.upc.edu DNS Name: entel.upc.edu DNS Name: eq.upc.edu DNS Name: esab.upc.edu DNS Name: etcg.upc.edu DNS Name: etsav.upc.edu DNS Name: euetib.upc.edu DNS Name: fa.upc.edu DNS Name: fme.upc.edu DNS Name: gaa.upc.edu DNS Name: gcm.upc.edu DNS Name: genbloc.upc.edu DNS Name: genweb.upc.edu DNS Name: guni.upc.edu DNS Name: ice.upc.edu DNS Name: iemae.upc.edu DNS Name: intranet.claustre.upc.edu DNS Name: intranet.eel.upc.edu DNS Name: intranet.esab.upc.edu DNS Name: intranet.esaiict.upc.edu DNS Name: intranet.etseiat.upc.edu DNS Name: intranet.etseib.upc.edu DNS Name: intranet.ma1.upc.edu DNS Name: ioc.upc.edu DNS Name: ioc.upc.es DNS Name: kemlg.upc.edu DNS Name: labedi.upc.edu DNS Name: lerma.upc.edu DNS Name: ma2.upc.edu DNS Name: ma2.upc.es DNS Name: ma4.upc.edu DNS Name: macrom.upc.edu DNS Name: mpi.upc.edu DNS Name: pa.upc.edu DNS Name: plone.upc.edu DNS Name: psep.upc.edu DNS Name: recerca.upc.edu DNS Name: rmee.upc.edu DNS Name: upcnet.upc.edu DNS Name: www.ca1.upc.edu DNS Name: www.ca2.upc.edu DNS Name: www.camins.upc.edu DNS Name: www.catedraeveris.upc.edu DNS Name: www.ceib.upc.edu DNS Name: www.cemad.upc.edu DNS Name: www.cmem.upc.edu DNS Name: www.cuv.upc.edu DNS Name: www.dcen.upc.edu DNS Name: www.deab.upc.edu DNS Name: www.dehma.upc.edu DNS Name: www.doe.upc.edu DNS Name: www.ec.upc.edu DNS Name: www.eel.upc.edu DNS Name: www.ege.upc.edu DNS Name: www.entel.upc.edu DNS Name: www.eq.upc.edu DNS Name: www.esab.upc.edu DNS Name: www.etcg.upc.edu DNS Name: www.etsav.upc.edu DNS Name: www.euetib.upc.edu DNS Name: www.fa.upc.edu DNS Name: www.fme.upc.edu DNS Name: www.gaa.upc.edu DNS Name: www.gcm.upc.edu DNS Name: www.guni.upc.edu DNS Name: www.ice.upc.edu DNS Name: www.iemae.upc.edu DNS Name: www.ioc.upc.edu DNS Name: www.ioc.upc.es DNS Name: www.kemlg.upc.edu DNS Name: www.labedi.upc.edu DNS Name: www.lerma.upc.edu DNS Name: www.ma2.upc.edu DNS Name: www.ma2.upc.es DNS Name: www.ma4.upc.edu DNS Name: www.macrom.upc.edu DNS Name: www.mpi.upc.edu DNS Name: www.pa.upc.edu DNS Name: www.rmee.upc.edu DNS Name: xsf.upc.edu DNS Name: xsf.upc.es