"Joe" <anonymous@discussions.microsoft.com> wrote in message
news:113d01c4ab88$dc14d030$a601280a@phx.gbl...
> Thank you Bernard,
> I haven't talked to you in a long while . Nice to hear
> from you.
>
> So what does this mean>>> afaik?
>
> So your saying each SSL site has to have an IP included
> in the hosting package?
>
>
> Thank you
> Joe
> >-----Original Message-----
> >Yes, afaik those hosters allocate one IP for each SSL
> site.
> >
> >--
> >Regards,
> >Bernard Cheah
> >http://www.tryiis.com/
> >http://support.microsoft.com/
> >http://www.msmvps.com/bernard/
> >
> >
> >
> >"Joe" <anonymous@discussions.microsoft.com> wrote in
> message
> >news:0f4d01c4ab57$432c55e0$a601280a@phx.gbl...
> >> Hello,
> >>
> >> I am wondering if anyone can help me here?
> >> I am currently running 5 sites on one IP but
> >> I want to host multiple SSL sites on IIS 6.0 with one
> IP
> >> can this be done? I am aware of the SSL limitation but
> >> how does a hosting company do this? I wouldn't think
> they
> >> use one site per server? Maybe I am wrong?
> >>
> >> Thanks
> >> Joe
> >
> >
> >.
> >

"Joe" <anonymous@discussions.microsoft.com> wrote in message
news:38cd01c4abe7$a263efb0$a501280a@phx.gbl...
> This is fantastic information thank you Alun,
>
> So I would need to provide either a server for each SSL
> site or an aditional IP correct?
>
> For example
> 12.164.55.148 can have SSL only one on port 80
> and If I need another I would set it like this:
> 12.164.55.149 SSL on port 80
>
> and so on...
>
>
> Thanks
> Joe
>
> >-----Original Message-----
> >"Joe" <anonymous@discussions.microsoft.com> wrote in
> message
> >news:113d01c4ab88$dc14d030$a601280a@phx.gbl...
> >> So your saying each SSL site has to have an IP included
> >> in the hosting package?
> >
> >Here's a quick description, to demonstrate why:
> >
> >1. The client takes the URL and resolves the name into
> an IP address, and a
> >port (usually a default port).
> >2. The client connects to that IP address, on the
> requested port
> >3. The server running at that IP address and port
> answers.
> >4. The client sends a "hello" message, asking the server
> to send its
> >certificate.
> >5. The server sends the certificate to the client.
> >6. The client checks the name in the certificate against
> the name it had in
> >step 1.
> >7.1. If the certificate matches, the client and server
> start encrypted
> >exchanges.
> >7.2. If the certificate doesn't match, the client
> displays an error to the
> >user and stops.
> >8. The client sends HTTP request headers, encrypted, to
> the server.
> >9. The server sends back HTTP responses, encrypted,
> containing content
> >requested.
> >
> >Note that host headers are sent in step 8, but the
> server has to pick a
> >certificate to send in step 5, and that certificate must
> have the server
> >name that the user asked for. The server has no clue as
> to which
> >certificate it must pick, so it must have a single
> certificate to send back
> >on that IP address and port.
> >
> >There is work under way to produce a "next version" of
> TLS, that will allow
> >a client to send the host name it wants in step 4, so
> that the server can
> >choose among several certificates, but it is not clear
> exactly when (if
> >ever) this will be implemented in browsers or web
> servers - and it has to be
> >implemented, and enabled, in both if it is to work.
> >
> >Alun.
> >~~~~
> >
> >
> >.
> >

>-----Original Message-----
>Yes. or you can bind to same IP different port
>say 443, 4433, 44433 and etc
>but this is inconvenience, as the port need to be
specify along with the
>url. e.g. https:/abc.com:4433/
>
>
>--
>Regards,
>Bernard Cheah
>http://www.tryiis.com/
>http://support.microsoft.com/
>http://www.msmvps.com/bernard/
>
>
>
>"Joe" <anonymous@discussions.microsoft.com> wrote in
message
>news:38cd01c4abe7$a263efb0$a501280a@phx.gbl...
>> This is fantastic information thank you Alun,
>>
>> So I would need to provide either a server for each SSL
>> site or an aditional IP correct?
>>
>> For example
>> 12.164.55.148 can have SSL only one on port 80
>> and If I need another I would set it like this:
>> 12.164.55.149 SSL on port 80
>>
>> and so on...
>>
>>
>> Thanks
>> Joe
>>
>> >-----Original Message-----
>> >"Joe" <anonymous@discussions.microsoft.com> wrote in
>> message
>> >news:113d01c4ab88$dc14d030$a601280a@phx.gbl...
>> >> So your saying each SSL site has to have an IP
included
>> >> in the hosting package?
>> >
>> >Here's a quick description, to demonstrate why:
>> >
>> >1. The client takes the URL and resolves the name into
>> an IP address, and a
>> >port (usually a default port).
>> >2. The client connects to that IP address, on the
>> requested port
>> >3. The server running at that IP address and port
>> answers.
>> >4. The client sends a "hello" message, asking the
server
>> to send its
>> >certificate.
>> >5. The server sends the certificate to the client.
>> >6. The client checks the name in the certificate
against
>> the name it had in
>> >step 1.
>> >7.1. If the certificate matches, the client and server
>> start encrypted
>> >exchanges.
>> >7.2. If the certificate doesn't match, the client
>> displays an error to the
>> >user and stops.
>> >8. The client sends HTTP request headers, encrypted,
to
>> the server.
>> >9. The server sends back HTTP responses, encrypted,
>> containing content
>> >requested.
>> >
>> >Note that host headers are sent in step 8, but the
>> server has to pick a
>> >certificate to send in step 5, and that certificate
must
>> have the server
>> >name that the user asked for. The server has no clue
as
>> to which
>> >certificate it must pick, so it must have a single
>> certificate to send back
>> >on that IP address and port.
>> >
>> >There is work under way to produce a "next version" of
>> TLS, that will allow
>> >a client to send the host name it wants in step 4, so
>> that the server can
>> >choose among several certificates, but it is not clear
>> exactly when (if
>> >ever) this will be implemented in browsers or web
>> servers - and it has to be
>> >implemented, and enabled, in both if it is to work.
>> >
>> >Alun.
>> >~~~~
>> >
>> >
>> >.
>> >
>
>
>.