SSL – Multiple IIS SSL sites behind a NAT router

Tags: iis-6, nat, openssl, ssl

I have a single IIS 6 box (Win2k3 SP2) that I host multiple development websites on. I have one site currently that requires SSL and now I'm adding a second site. The first site is bound to the machine's IP of 192.168.1.250 and is working just fine. I've added the second site, added 192.168.1.251 to the list of valid IPs for the machine and bound the second site to that IP but now I'm stuck.

We only have a single public IP and our router (running DD-WRT v24-sp1) is redirecting all incoming requests to ports 80/443 to the first IP address so I have no way of getting people to the second site over SSL now.

So I guess I just need confirmation that I'm going to have to do something different. Getting a second IP from our ISP isn't an option (they want too much and take too long to get anything done). Is a wildcard cert the route to go down? Can I create one with openssl? (I don't mind the browser warning.)

Best Answer

You should be able to host both sites on one server. Just add a second site to IIS, assign the site name and SSL certificate to it, and assign both A records to the same IP. You'll only be able to browse to it by hostname, but SSL requires a valid hostname anyway.

Edit: You're gonna have to get a wildcard for this, though. They're relatively cheap at least. If you're self-signing with OpenSSL, here's how to create a wildcard SSL cert: http://www.justinsamuel.com/2006/03/11/howto-create-a-self-signed-wildcard-ssl-certificate/
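The self-signed wildcard certificate the answer points to can be produced directly with OpenSSL. The script below is an added example, not code from the question, the answer, or the linked page. It assumes a placeholder domain `dev.example.com` and a scratch directory; it puts the wildcard in both the CN and a subjectAltName (modern clients only match on the SAN), exports the key and certificate as a PFX because IIS imports certificates with their private key in that format, and uses `openssl x509 -checkhost` to show exactly which hostnames the wildcard covers: one label under the domain matches, a second level (`a.b.dev.example.com`) does not, and the bare domain only matches because it is listed explicitly in the SAN.

```shell
#!/bin/sh
# Added example (not from the original thread): self-signed wildcard cert
# with OpenSSL, packaged for IIS, plus a hostname-coverage check.
# DOMAIN and WORKDIR are assumed placeholders; override them via environment.
set -e

DOMAIN="${DOMAIN:-dev.example.com}"
WORKDIR="${WORKDIR:-$(mktemp -d)}"

# Generate a 2048-bit RSA key and a one-year self-signed certificate whose
# CN and SAN both carry the wildcard. The bare domain is added to the SAN
# because "*.dev.example.com" alone does not cover "dev.example.com".
# Prints the certificate path.
make_wildcard_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
    -keyout "$WORKDIR/wildcard.key" -out "$WORKDIR/wildcard.crt" \
    -subj "/CN=*.$DOMAIN" \
    -addext "subjectAltName=DNS:*.$DOMAIN,DNS:$DOMAIN" >/dev/null 2>&1
  echo "$WORKDIR/wildcard.crt"
}

# Bundle key + cert into a password-protected PFX (PKCS#12) for import into
# IIS. Arguments: export password. Prints the PFX path.
make_pfx_for_iis() {
  pw="$1"
  openssl pkcs12 -export -out "$WORKDIR/wildcard.pfx" \
    -inkey "$WORKDIR/wildcard.key" -in "$WORKDIR/wildcard.crt" \
    -passout "pass:$pw" >/dev/null 2>&1
  echo "$WORKDIR/wildcard.pfx"
}

# Returns 0 when the PFX opens with the given password, 1 otherwise.
pfx_opens_with() {
  openssl pkcs12 -in "$1" -passin "pass:$2" -noout >/dev/null 2>&1
}

# Returns 0 if the certificate is valid for the hostname, 1 otherwise.
# OpenSSL applies standard wildcard matching: one label only.
cert_matches_host() {
  openssl x509 -in "$1" -noout -checkhost "$2" | grep -q "does match"
}

# Usage: RUN_DEMO=1 DOMAIN=dev.example.com sh wildcard.sh
if [ "${RUN_DEMO:-0}" = "1" ]; then
  crt=$(make_wildcard_cert)
  pfx=$(make_pfx_for_iis "changeit")
  echo "certificate: $crt"
  echo "pfx for IIS: $pfx"
  for h in "site1.$DOMAIN" "site2.$DOMAIN" "$DOMAIN" "a.b.$DOMAIN"; do
    if cert_matches_host "$crt" "$h"; then
      echo "covered:     $h"
    else
      echo "NOT covered: $h"
    fi
  done
fi
```

Import the resulting `.pfx` on the IIS box and bind it to the site; because the certificate itself is self-signed, every client will still see the untrusted-issuer warning the question says is acceptable for development use.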