multiple portals, multiple sites, and ssl




I host 7 dnn sites under one domain, and 1 site under a different domain. Sites 1 through 7 are variious versions of dnn raaging up to dnn 4.5.5. They are configured as https://domainname1/companyname1 through https://domainname1/companyname7. The sites are used by social service agencies to collect and keep track of clients. There is an ssl certificate installed for this site for domainname1 on the default ssl port in IIS.

The 8th site is http://www.domainname2.com and this site is a commercial and public site and I only need ot secure the shopping cart. It has it's own ssl certifiace on an alternate port. When I try to secure the shopping cart on this site, the browser throws an exception stating that the certificate is not for the domain. As you probably guessed, DNN is trying to offer the ssl certificate on the default port, which is not the correct certififcate (looking at eh details of the ssl error it hsows the certificate for domainname1 instead of domainname2).

If I switch site 8 to use the default ssl port then I can secure the shoopping cart, but the 400 users of domain1 sites get the certificate error as their sites are now offering the domainname2 certificate.

Is there a hack that I could apply to DNN to allow it to recognize non-default ssl ports?

Is there a better way to set up the sites to make ssl and multiple dnn sites coexists in harmony?

Any help is appreciated.

john mott

Are using the same IP address for both domains? If so, that is a no no unless if you are using shared SSL which does not sound like the case in your problem. Each site that requires SSL needs to have it's own IP address and just not just internally if you are using NAT but also externally (the public IP).

Hope this helps solve your problem.

Malik Khan
PointClick Technologies, LLC
http://www.pointclick.net

Thanks Malik, Very nice to see you here!

Thanks for the reply. I have posted this same question on the dnn forums at dotnetnuke.com, on other dnn related boards for about a week now, and this is the first response I got. The sales person who sold us the sll certificates told me that I could have ssl on the same ip for multiple domains but I guess that is what I get for listening to a salesman. <grin>. I probably wasn't able to ask the right question.

I did a little more research but I want ot make sure I have a good understanding of iis and ssl and dotnetnuke, so any answer will be appreciated. Also Malik we might be interested in entering into an agreement with a hosting provider to do our hosting for us if you are interested.

As I nwo understand IIS and SSL I have three options:

Each website has its own SSL certificate on port 443 and a unique IP address,
or
each website has its own SSL certificate, same IP, differnet ssl port and users must type the unfriendly addressto access the site, (My understanding is that redirecting a site to a different ssl port doesn't work)
or
each website has the same SSL certificate (wildcard certificate, although I am not sure how this works with differnet domain names) same Ip address and same ssl port

You best option is option 1, each site with it's own SSL Cert on port 443 with a unique IP.

Why not the other options?, Well even if the redirecting to different SSL port works which you can make work, i wouldn't recommend it because it just doesn't look professional for an eCommerce site. The third option only works if you are dealing with one domain and therefore could use *.yourdomain.com for all subdomains.

You send can me a private message with your email address and we can discuss your hosting needs or contact me via our company contact us page.

Regards,
Malik Khan
PointClick Technologies, LLC.
www.pointclick.net