I dont care if the internal users want to use SSL, if they end up there it
was their own wrong doing. For the most part they are given a generated URL
to view an image. so as long as the program generating the url doesnt toss a
Its a rather botched up image viewer for radiology images. the largest
problem with creating two sites is the management overhead. the application
good way to replicate. Also its running off a tomcat ISAPI filter which im
but i dont see the benefit of it. there is no security issue with the
I appreciate all of your insight and help. always good to see things from
"Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
news:edm4fHXkHHA.492@TK2MSFTNGP04.phx.gbl...
> Well, if you have just a single website then it'll still work. But
> depending on a few things (like name resolution) you can't stop internal
> users accessing the site using SSL (and getting a warning message) etc.
>
> Not sure what the application is, but you can't create two websites with
> exactly the same settings? IIS just stores settings in metabase.xml - I
> haven't seen many applications that care what's in metabase.xml...
>
> Cheers
> Ken
>
>
> "Justin Rich" <jrich523@yahoo.com.spam> wrote in message
> news:ek2c0iWkHHA.4936@TK2MSFTNGP03.phx.gbl...
>> Is this menthod the recommended choice because of security or stability?
>>
>> I dont really need to force the SSL, the firewall/DMZ setup will handle
>> that. basically only 443 will be open to the public.
>> Due to the way the site is setup (a mess) its rather hard to split it
>> like you suggested, infact ive tried and it didnt go well. not to mention
>> that configuration isnt supported by the vendor.
>>
>> Thanks
>> Justin
>>
>> "Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
>> news:ex1SkFSkHHA.4048@TK2MSFTNGP02.phx.gbl...
>>> You should create two websites in IIS Manager. Point them to the same
>>> web content. Configure each website with the necessary IP address (and
>>> optionally host header)
>>>
>>> For the external site, install the certificate, and check the "Require
>>> SSL" checkbox (that will force HTTPS only)
>>>
>>> For the internal site, you are ready to go.
>>>
>>> Cheers
>>> Ken
>>>
>>>
>>> "Justin Rich" <jrich523@yahoo.com.spam> wrote in message
>>> news:e4LBveOkHHA.4936@TK2MSFTNGP03.phx.gbl...
>>>> unfortunately no.
>>>> different IP's for each name...
>>>> basically one website with two ip's and two names
>>>>
>>>> 123.123.123.222 -
www.external.com >>>> 123.123.123.111 - intneral.ad.com
>>>>
>>>> "Peter O'Dowd (MVP)" <petero@nospam.com> wrote in message
>>>> news:ei61sYOkHHA.3264@TK2MSFTNGP04.phx.gbl...
>>>>> Is the URL the same for internal and extrnal? If so it makes it a
>>>>> whole lot easier.
>>>>>
>>>>> --
>>>>> Peter O'Dowd
>>>>> Exchange Server MVP
>>>>>
http://www.blade.net.nz >>>>> "Justin Rich" <jrich523@yahoo.com.spam> wrote in message
>>>>> news:elZ266LkHHA.3264@TK2MSFTNGP04.phx.gbl...
>>>>>>i have a web server that will have two IP's. one used for internal use
>>>>>>(unrestricted) and one for internet use that will have an SSL cert.
>>>>>>
>>>>>> I know how to apply the multiple IP's but do i need to do anything
>>>>>> with the cert to make the external connections secure and the
>>>>>> internal non secure?
>>>>>>
>>>>>> or is this just as simple as putting both IP's on the site and
>>>>>> applying the cert and just referng to them as https://webaddress and
>>>>>> http://internaladdress ?
>>>>>>
>>>>>> Thanks
>>>>>> Justin
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>>
>
