0

I was asked to create a sharepoint web application with ssl on a server with sharepoint 2010 installed. The problem is that this port seems to be in use for hosting our subversion repository. So when i try to browse my sharepoint site, it just shows a page with my repository. I've read about installing certificates and configuring multiple sites on one port with host headers but i never succeeded to complete this job. I would really appreciate some help here.

Thanks!

ThdK
  • 9,916
  • 23
  • 74
  • 101

2 Answers2

2

Assuming you're talking about individual SSL certificates (as opposed to a single wildcard certificate), I believe each website HAS to have its own IP address. AFAIK it is not possible to run multiple websites with multiple SSL certificates under the same IP address.

Depending on who is hosting the server, you would need a new IP address to be allocated to the server, and then within IIS you use the new IP address against the hostheader of your new website. You should find that the certificate works correctly, if not then try removing the certificate from the website and re-allocating it.

You would only be able to use a wildcard certificate if the primary domains of the websites were the same (e.g. website1.mydomain.com and website2.mydomain.com).

freefaller
  • 19,368
  • 7
  • 57
  • 87
  • what if i want to use a single wildcard certificate? Or is this evil? I'm looking now to change the port for SVN but i can't find the configuration for this. – ThdK Sep 21 '11 at 07:44
  • 1
    Yes, using a wildcard certificate would work, but in my experience a complete pain to set-up on IIS6 (it required command line scripting as the GUI didn't cope with it). Unfortunately wildcard certificates are significantly more expensive that individual ones. I do not believe changing the port will make any difference to your situation, it will still be using the same IP address. – freefaller Sep 21 '11 at 07:48
  • Ok, thanks for making things clear. I've read about one other possible sollution. Host headers. Can i solve it my configuring svn with the url SVN.mydomain.com and sharepoint to SP.mydomain.com? – ThdK Sep 21 '11 at 07:58
  • Ah, you've made me realise that my suggestion of a wildcard certificate would ONLY work when you have the same primary domain (as you suggest above). If the websites have different primary domains, I believe you MUST have individual certificates running under individual IP address. I will update my answer – freefaller Sep 21 '11 at 08:06
1

Thomas, I've run into a similar situation before where the requirements dictated that we use 1 ip address, but the domains will be different (eg. website1.com, somesite.org, website2.us).

You can achieve this by using a Unified Communications certificate with Subject Alternative names. Currently, Digicert offers a UC certificate that can achieve this, but some other CA's will not.

Essentially you will have 1 certificate bound to :443 on the same ip address. The big drawback to this is that if the cert goes down, all the sites SSL will not work.

You have to manually (via powershell) bind each domain to port 443 however, but the instructions are fairly simple.

Server Name Indication would be another way, but it's not even an option in IIS 6

calweb
  • 91
  • 7