Two site, one with https on IIS 7 problem - iis

I have two domain on one ip in IIS. One of the sites bound to https. When in browser i add https to the first domain name, i open the second site, how to fix it?

I'm guessing you're using HTTP host headers here.
SSL doesn't support host headers so you'll need two IP addresses. One for the SSL site and one for the other site (which you can keep on using for non-ssl sites provided you keep using host headers).

Related

IIS Rewrite rule to rewrite to different web site

I have 2 web sites installed on the same IIS server. I need them both to listen on port 443 with HTTPS. I want them to use different application pools and be able to stop and start one without affecting the other. The clients of these websites are not able to configure the host header that they use in their HTTP requests.
Is there a solution? I have been trying to use IIS Rewrite rules. I have one website deployed on port 443 and the other on some unusual port. I tried setting up a URL rewrite on the first one that did a rewrite (not a redirect) to an absolute URL referencing the 2nd site on the unusual port. This always seems to produce an HTTP 404 response.
I can't do a redirect because the client gets redirected to the unusual port and the client is not allowed to make internet requests to non-standard ports.
I believe I am using IIS 6.2, that's what is says in the Help about in IIS MAnager
What options do I have?
It is not possible to rewrite to different applications in IIS, especially if they are in different application pools. Your only option is redirect if you want to do it simply using URL Rewrite.
Another alternative is to use ARR (Application Request Routing) and then proxy the call to the actual site depending on rules, this has also the advantage that sites could be in different machines or in the same one, and give you more flexibility. Obviously it does come with more complexity.

Is it safe to use a wildcard SSL certificate with regards to IE/XP support?

We want to create 'whitelabel' sites by having multiple hostnames pointing to the same IP (and website in IIS) and dynamically switching the site's database according to the hostname the user came in on.
eg. https://co1.mysite.com, co2.mysite.com and co3.mysite.com will all point to the same site, but in the site's code, we may change database connection strings and logos etc depending on what hostname they came in on.
In this particular context (with all sites going to the same IP) am I right in presuming that SNI doesn't come into play and as as long as a wildcard certificate is used (*.mysite.com) then all browsers will be able to access the site OK? Even those with no SNI support (eg Internet Explorer on Windows XP)?
Yes, you are correct. Server will send the same cert for every request (even from SNI-capable clients). Of course you can't host there any other hostnames outside of scope of your wildcard cert, if all of them needs to be accessible from non-SNI clients.

IIS 7 IP address forwarding

I want to move some websites from server 1 to server 2.
My clients have A records pointing to the IP address of server 1. Without updating their DNS records, how can I automatically forward request for those domains from server 1 to server 2?
Thanks
Graham
This image is from an article regarding Exchange, but the IIS settings are relevant.
You can redirect at the HTTP level by specifying a URL redirect in IIS's HTTP Redirect settings:-
However, for this approach to work you will need a new domain for your sites. e.g. if the A record resolves www.example.com to Server 1 you will need to redirect to another URL (e.g. www.example.edu) that already resolves to Server 2.
Another option is to setup a reverse proxy using IIS on Server 1:
Today there was a question in the IIS.net Forums asking how to expose two different Internet sites from another site making them look like if they were subdirectories in the main site.
So for example the goal was to have a site: www.site.com expose a www.site.com/company1 and a www.site.com/company2 and have the content from www.company1.com served for the first one and www.company2.com served in the second one
So slightly different requirements (the article only wants a subdirectory rather than the whole site), but the same concept will apply.

HTTPS load other website content

On my windows 2003 server I have two websites: 2send.co.il & oferavnir.co.il
For 2send.co.il I installed SSL.
When I adding Https to oferavnir.co.il (the site without the SSL) the other site content is displayed -
(https://oferavnir.co.il displays the content from 2send.co.il)
Host headers for both site seems to be ok.
What could it be?
By default, the SSL certificate is probably bound to all IP addresses on your server. If you have individual IPs for each site, you can update the binding to only listen on the IP for 2send.co.il. If you are using host headers and a single IP, the 2send.co.il site will respond for all https requests. You could use a product like ISAPI Rewrite to check the URL used for an HTTPS request and ensure that it matches 2send.co.il or else route it to the appropriate http site for the URL
http://forums.iis.net/t/1195794.aspx/1?HTTPS+displays+other+site+contnet

.htaccess redirection to an IP Address of a different server

I am hosting my public facing site at a shared host (Hostgator) with the domain pointing to the same. I also have my application hosted on a dedicated server with a different host. Both servers have their own SSL certificates installed.
Is there any way to edit the .htaccess file to do the following:
https://www.domain.com/CUSTOMER redirects to https://x.x.x.x/CUSTOMER while the browser still shows www.domain.com/CUSTOMER?
I'm vary of using frames due to the SSL ramifications. My domain registrar is Hostway and they do not offer URL masking/forwarding.
This can be done by making your server act as a proxy. Even if you have no access to the servers configuration you might be lucky that apaches proxy module is loaded: http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
If so you can 'map' the remote site (IP) as if being served by your normal server.
Also apaches rewriting module can make use of that module by using the [P] flag in a RewriteRule.
Be sure you have a copy of that site on the different server, preverally with the same database, so you don't get in trouble with i.e. order numbers or user logins between http and https. The certificate server must be the web server for your SSL provided web content.
Take a look here foor further informations. "Google Search Result"

Resources