Trying to use a UUC multiple site certificate with IIS 7.5 - iis

I've been trying unsuccessfully to use a UCC multiple site certificate to provide SSL to my subdomains (for example, I have the certificate set for www.example.com and I would like to bind it to sub1.example.com and sub2.example.com). These sites are all on the same ip.
The problem I'm having is that when I try to bind the certificate to the subdomains, strange behavior begins to happen. When attempting to use https with the subdomains, they redirect to the root site in some strange way (the URL reads https://sub1.example.com but displays the page https://www.example.com).
I've tried multiple solutions both through the IIS manager and the command line (appcmd in inetsrv), but nothing seems to be working. Any insight into the problem?

The IIS GUI manager is not able to configure these types of certificates properly, but command line should:
appcmd set site /site.name:{SITE NAME AS PER IIS GUI} /+bindings.[protocol='https',bindingInformation='{IP ADDRESS TO BIND TO}:443:{HOSTHEADER OF WEBSITE}']
http://sslnews.blogspot.com/2010/11/requiring-multi-domains-to-wildcard-ssl.html

Related

How do we show a page from our app but using a custom domain owned by a user

We host an angular app (e.g. render.our-app.com) hosted on now/zeit. This app allows a user to show a presentation. The presentationId needs to be included in the path e.g. https://render.our-app.com/. We are looking to be able use a custom domain owned by the user, to show a presentation we no redirects.
So for example, the user has a domain (website.mycompany.com) and we want to show the presentation under that custom domain but using our app.
website.mycompany.com => render.our-app.com/12345 (12345 = presentationId)
We are not sure how to do this properly. We tried to use a cname but we get an error saying:
404: NOT_FOUND
Code: DEPLOYMENT_NOT_FOUND
(The error is very now/zeit specific)
We thought that http://website.mycompany.com/12345 might work.
We are not sure how to do this :(
Thanks
The steps involved probably would be:
Set up a virtual host on your server for website.mycompany.com (or maybe use a ServerAlias directive if you are on Apache. This is where your app will be hosted.
Edit the host file of the computer that will be used for the presentation, in that host file you add an entry for website.mycompany.com, that points to the IP address of your server. By doing so, you bypass the normal DNS resolution process. Rather than connect to the 'true' address, the PC will connect to your demo server.
There is a gotcha: SSL. You can create a self-signed certificate on the server, and then you add it to the list trusted certificates on the client (demo PC). This can be done the first time you launch your browser and get an alert about the self-signed certificate.

Unusual multiple website setup on Windows Server 2012 R2

I currently have the following website setup on Windows Server 2012 R2. The following website is catching all the traffic to the webserver and then adding a few URL rewrite rules, such as forcing HTTPS and appending www.
I want to add a second website under a subdomain of the above site and diferent source code. How do I go about it?
EDIT: I've created a second website with a binding to the subdomain but all traffic is being redirected to the first website, as setup above. Does the first website require a defined Host Name? If so, that's not possible because the code of the website above is handling about 100 domains. The content is loaded based on domain name. So probably adding a subdomain of one of the websites is not possible. Is someone able to clarify, please?
Just create a new website in IIS for example hostname site1.yourdomain.com and set the bindings and and point to website folder.
create a 2e website with hostname site2.yourdomain.com set bindings, and point to your 2e website folder.
and you can have a main site with hostname www.yourdomain.com or yourdomain.com
also set an ip if you want to bind to a specific ip only.
it is important to set the hostname.

SSL Configuration Issue on IIS 6

Need help with this odd issue.
I installed an SSL Certificated from GoDaddy for a site hosted on our server (lets call this example.com). This is a Windows 2003 Server with IIS 6 with several domains hosted on it. The SSL installed properly.
However, now if I type any url of a different domain (say example.org) hosted on this same server with HTTPS, I get the following error in Chrome:
Your connection is not private
Attackers might be trying to steal your information from
(for example, passwords, messages, or credit cards).
NET::ERR_CERT_COMMON_NAME_INVALID
Firefox will also give similar errors.
example.org has no SSL associated with it and there are no other SSL Certificates for any other sites either.
I am at a loss as to how ALL sites on the server are loading with SSL. Funny thing is that clicking on the link in browser error loads the Site to which SSL is assigned, but URL remains the same.
Ex. I type https://example.org (NO SSL Associated with this site) and type enter
I see the error above
If I click on Proceed to example.org (unsafe), it takes me to https://example.org but the content loads for domain example.com which has the SSL certificate bound to it.
I have checked Metabase for Bindings and seems clean.
I have deleted the SSL certificate and installed a fresh one issued from Godaddy
Tried deleting the site from IIS and recreating the whole thing but still no difference.
No other site has any host headers for SSL Port 443
Any ideas on how this can be resolved so that ALL Sites don't load on SSL? Thanks in advance.
Go to IIS Manager.
Open property page of website where you dont need SSL (example.org as mentioned in question) by right click on website and select properties.
Go to directory security tab
Click Edit button located in ottom section of tab.
Verify if very first checkbox called "Require secure channel(SSL)" is UNCHECKED.

.htaccess redirection to an IP Address of a different server

I am hosting my public facing site at a shared host (Hostgator) with the domain pointing to the same. I also have my application hosted on a dedicated server with a different host. Both servers have their own SSL certificates installed.
Is there any way to edit the .htaccess file to do the following:
https://www.domain.com/CUSTOMER redirects to https://x.x.x.x/CUSTOMER while the browser still shows www.domain.com/CUSTOMER?
I'm vary of using frames due to the SSL ramifications. My domain registrar is Hostway and they do not offer URL masking/forwarding.
This can be done by making your server act as a proxy. Even if you have no access to the servers configuration you might be lucky that apaches proxy module is loaded: http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
If so you can 'map' the remote site (IP) as if being served by your normal server.
Also apaches rewriting module can make use of that module by using the [P] flag in a RewriteRule.
Be sure you have a copy of that site on the different server, preverally with the same database, so you don't get in trouble with i.e. order numbers or user logins between http and https. The certificate server must be the web server for your SSL provided web content.
Take a look here foor further informations. "Google Search Result"

Sharing single application across a 2 subdomains in IIS7

I have an application that is currently deployed (ex. www.example.com ). However, now we have a "secure" subdomain, which will take all of the requests that need to be encrypted (ex. secure.example.com). The site that is at www.example.com is currently mapped to C:\inetpub\example.com\wwwroot\, and I've mapped secure.example.com to C:\inetpub\example.com\wwwroot\secure.
However, since secure.example.com was setup as a new website within the IIS Manager, when the secure site is visited, it displays an error since there is no web.config associated with this website; however, this is the way I want it since I want this to be a part of the application that is in the parent directory.
I think what you really meant to do was just right click on the web site for example.com and edit the bindings. In there you can add host names to that site.
Make sure you add them for port 443 which is SSL.
Map both the IIS virtual directories/web sites to the same directory, and check that are both using the same IIS application name.
(Not tried this, but can't recall seeing anything to say it would not work.)

Resources