2

I run a small website (www.exampleurl.com) and want to be able to offer clients the ability to have a personalised URL (clientname.exampleurl.com). The important factor here is that each instance of a personalised URL is just an alias to the original site rather than being a new website instance within IIS.

I've bought a wildcard SSL certificate but now my hosting company has told me that it can only be used in the case of new website instances, not aliases.

Is this true? It's surprisingly hard to Google this information. The hosting provider runs IIS7.5. Any insight would be appreciated.

user72964
  • 123
  • 5

3 Answers3

2

We needed the exact same setup with our ssl.com wildcard cert. we did this, create a dns entry like below where xxx.xxx.xxx.xxx is your ip address for exampleurl.com.

*.exampleurl.com     Host (A)    Default     xxx.xxx.xxx.xxx

Then make sure your app on exampleurl.com can listen to all traffic on xxx.xxx.xxx.xxx regardless of host header. That should do it.

Chevy Resnick
  • 1
  • 7
1

I just ran a little test:

IIS 7.5, one running website with a binding of

'https 443 192.168.1.2'

SSL certificate: *.foobar.com (your wildcard cert)

In my hosts file, I added:

192.168.1.2   test1.foobar.com
192.168.1.2   test2.foobar.com
192.168.1.2   test3.foobar.com

Using: https://test1.foobar.com, https://test2.foobar.com and https://test3.foobar.com in a browser all work fine.

Your client uses his url (clientname.exampleurl.com), DNS resolves the IP address and the browser sends the request. IIS7.5 sees an SSL request and just uses the IP address not the host name to figure out which site to serve based on the IP address and the port.

Because there is only one site this works.

If you want to use different sites for different host names you need to move up to IIS8 on Server 2012.

Peter Hahndorf
  • 14,058
  • 3
  • 41
  • 58
  • I am sure this answer is valid, but unfortunately I'm running this hosted site on a shared platform, so there is more than one site configured on IIS. I will look into moving to a dedicated server solution, and will give this a go. Thanks for your input. – user72964 Feb 13 '13 at 11:58
0

As per my understanding of wildcard SSL certificate, you can secure unlimited sub domain of a example.com and domain it self. Here the main condition is; they should be hosted in same private IP address.

Here you need to understand how SSL certificate works:

When you assign SSL certificate to any domain, it works on web server and while you creating Alias for that domain, it is not an actual identity, but just a DNS forwarding. here when you execute your alias, your main domain will execute for authentication not that alias. So, it will not be possible to authenticate your alias.

Ladadadada
  • 26,337
  • 7
  • 59
  • 90
sophie
  • 124
  • 4