如何在 Windows 2008/IIS7 上安装多个 SSL?
[英]How to install more then one SSL on Windows 2008/IIS7?
问题描述
We searched about this topic here and found lot of posts that cover different parts from this topic but we didn't find and answer for our solution.
我们在这里搜索了这个主题,发现很多帖子涵盖了这个主题的不同部分,但我们没有找到并回答我们的解决方案。
Problem:问题:
- We have Windows 2008 Server with IIS7 and we would like to install more then one SSL on this server.我们有带有 IIS7 的 Windows 2008 Server,我们想在这台服务器上安装一个以上的 SSL。
- We have one IP address for this server but maybe we could get more of them, and we found that we can have only one SSL on one IP address我们有一个用于该服务器的 IP 地址,但也许我们可以得到更多,我们发现一个 IP 地址上只能有一个 SSL
Questions:问题:
- If we are not wrong, we can have only one SSL on Windows 2008 / IIS7 if we have only one IP?如果我们没记错的话,如果我们只有一个 IP,我们可以在 Windows 2008 / IIS7 上只有一个 SSL 吗?
- We found SSL certificates for multiple domains but this is not suitable for us because in green box in Address bar will be visible only one company (this is suitable for one company that has multiple websites).我们找到了多个域的 SSL 证书,但这不适合我们,因为在地址栏中的绿色框中,只有一家公司可见(这适用于一家拥有多个网站的公司)。 So the only option is to buy different SSL for each different company and what is the best way to set IIS7 to support this?所以唯一的选择是为每个不同的公司购买不同的 SSL,设置 IIS7 以支持这一点的最佳方法是什么?
- Can we host different websites (each with its own SSL) on same IIS7 webserver?我们可以在同一个 IIS7 网络服务器上托管不同的网站(每个都有自己的 SSL)吗? What are our options?我们有哪些选择?
Thanks Alex谢谢亚历克斯
4 个解决方案
解决方案1
11 2010-12-07 17:53:50
Unfortunately it is not currently possible to have multiple SSL certificates issued to multiple domains on a single IP address.不幸的是,目前不可能在一个 IP 地址上向多个域颁发多个 SSL 证书。 There has to be a one to one relationship between SSL certificate, domain and IP. SSL 证书、域和 IP 之间必须存在一对一的关系。 So you only option is to get additional IP address for the server.所以你唯一的选择是为服务器获取额外的 IP 地址。
You can use Host Headers to partially solve the problem, but inferring from your question I assume you have already encountered this and disregarding it as a viable option.您可以使用 Host Headers 来部分解决问题,但从您的问题推断,我假设您已经遇到过这个问题并忽略它是一个可行的选择。 Just incase anybody is googling and finds this question:万一有人在谷歌上搜索并找到这个问题:
Host Headers allows you to bind a single certificate (multidomain or wildcard) to multiple domains on a single IP address, for example: Host Headers 允许您将单个证书(多域或通配符)绑定到单个 IP 地址上的多个域,例如:
sub1.mydomain.com
192.168.0.1 > sub2.mydomain.com > SSL: *.mydomain.com
sub3.mydomain.com
More info on how to configure this can be found here:更多关于如何配置的信息可以在这里找到:
http://www.sslshopper.com/article-ssl-host-headers-in-iis-7.html http://www.sslshopper.com/article-ssl-host-headers-in-iis-7.html
解决方案2
4 2013-08-13 12:20:41
Another option is using different port than 443 with same ip.另一种选择是使用与 443 不同的端口和相同的 ip。
Plus;加; have a look: Using Host Headers and SSL in IIS 7 (without the ugliness of appcmd)看看:在 IIS 7 中使用主机头和 SSL(没有 appcmd 的丑陋)
解决方案3
0 2010-12-08 15:21:08
If you need each website to show a different company in the certificate, the only option available currently is getting additional IP addresses.如果您需要每个网站在证书中显示不同的公司,目前唯一可用的选项是获取额外的 IP 地址。 You will simply create additional IIS websites and bind them to the new IP addresses.您只需创建其他 IIS 网站并将它们绑定到新的 IP 地址。
解决方案4
0 2022-06-01 13:02:44
Due to a Microsoft rule, Windows Server 2008 R2 can't be upgraded to IIS 8, the maximum IIS version is 7.x;由于微软的规定,Windows Server 2008 R2 不能升级到 IIS 8,最高 IIS 版本为 7.x; however I found a way to have more than one SSL sites using the same default HTTPS port (443) by the Host Headers mechanism.但是,我找到了一种方法,通过主机标头机制让多个 SSL 站点使用相同的默认 HTTPS 端口(443)。 It is mentioned here and if you need clarifications about the Host Headers mechanism you can take a look here .这里提到了它,如果您需要对 Host Headers 机制进行说明,可以查看这里。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.