Join our DNN Community    (Newsletter, Tips, Tricks and Forums for DNN Skins & Modules)

 


 
Microsoft Gold Certified Partner - DNN Benefactor

DotNetNuke Powered! 
Friday, November 21, 2008 Register · Login · Contact · Search:  
Company Solutions Portfolio Contact
Forums
General
Forum for discussing Dotnetnuke and asking or answering questions regarding general usage, integration and fundamentals
Forums > Dotnetnuke > General
Subject: multiple portals, multiple sites, and ssl
You are not authorized to post a reply.
 
Author Messages
jwmott
Posts:50
03/28/2008 1:27 PM Alert 
multiple portals, multiple sites, and ssl




I host 7 dnn sites under one domain, and 1 site under a different domain. Sites 1 through 7 are variious versions of dnn raaging up to dnn 4.5.5. They are configured as https://domainname1/companyname1 through https://domainname1/companyname7. The sites are used by social service agencies to collect and keep track of clients. There is an ssl certificate installed for this site for domainname1 on the default ssl port in IIS.

The 8th site is http://www.domainname2.com and this site is a commercial and public site and I only need ot secure the shopping cart. It has it's own ssl certifiace on an alternate port. When I try to secure the shopping cart on this site, the browser throws an exception stating that the certificate is not for the domain. As you probably guessed, DNN is trying to offer the ssl certificate on the default port, which is not the correct certififcate (looking at eh details of the ssl error it hsows the certificate for domainname1 instead of domainname2).

If I switch site 8 to use the default ssl port then I can secure the shoopping cart, but the 400 users of domain1 sites get the certificate error as their sites are now offering the domainname2 certificate.

Is there a hack that I could apply to DNN to allow it to recognize non-default ssl ports?

Is there a better way to set up the sites to make ssl and multiple dnn sites coexists in harmony?

Any help is appreciated.

john mott




malik22
Flyweight
Posts:2
03/30/2008 9:20 AM Alert 
Are using the same IP address for both domains? If so, that is a no no unless if you are using shared SSL which does not sound like the case in your problem. Each site that requires SSL needs to have it's own IP address and just not just internally if you are using NAT but also externally (the public IP).

Hope this helps solve your problem.

Malik Khan
PointClick Technologies, LLC
http://www.pointclick.net


robert_chumley
Please Wait...
Posts:595
03/31/2008 11:34 AM Alert 
Thanks Malik, Very nice to see you here!
Robert Chumley
r2integrated (formally bi4ce)
jwmott
Posts:50
03/31/2008 1:12 PM Alert 
Thanks for the reply. I have posted this same question on the dnn forums at dotnetnuke.com, on other dnn related boards for about a week now, and this is the first response I got. The sales person who sold us the sll certificates told me that I could have ssl on the same ip for multiple domains but I guess that is what I get for listening to a salesman. <grin>. I probably wasn't able to ask the right question.
jwmott
Posts:50
03/31/2008 2:09 PM Alert 
I did a little more research but I want ot make sure I have a good understanding of iis and ssl and dotnetnuke, so any answer will be appreciated. Also Malik we might be interested in entering into an agreement with a hosting provider to do our hosting for us if you are interested.

As I nwo understand IIS and SSL I have three options:

Each website has its own SSL certificate on port 443 and a unique IP address,
or
each website has its own SSL certificate, same IP, differnet ssl port and users must type the unfriendly addressto access the site, (My understanding is that redirecting a site to a different ssl port doesn't work)
or
each website has the same SSL certificate (wildcard certificate, although I am not sure how this works with differnet domain names) same Ip address and same ssl port

malik22
Flyweight
Posts:2
03/31/2008 5:35 PM Alert 
You best option is option 1, each site with it's own SSL Cert on port 443 with a unique IP.

Why not the other options?, Well even if the redirecting to different SSL port works which you can make work, i wouldn't recommend it because it just doesn't look professional for an eCommerce site. The third option only works if you are dealing with one domain and therefore could use *.yourdomain.com for all subdomains.

You send can me a private message with your email address and we can discuss your hosting needs or contact me via our company contact us page.

Regards,
Malik Khan
PointClick Technologies, LLC.
www.pointclick.net
You are not authorized to post a reply.
Forums > Dotnetnuke > General > multiple portals, multiple sites, and ssl


ActiveForums 3.6
Latest Post
 
At R2integrated (formerly Bi4ce), we take support seriously.  That's why we support our customers and DNN community with daily monitoring from our experienced engineering team.  We ask that the first step taken is to read the relevant documentation and support forums prior to submitting any questions that may already be available or have been answered.  We ask that you review the documentation that we provide for our products before posting a question.

The Forums are for our customers to chat, exchange ideas and strategies, and submit feedback.  Please be sure to perform keyword searches for previous related forum responses.

To be helpful when submitting a new item, please include the following: 
  1. DNN Version
  2. Module Version
  3. Admin Log Viewer Information
  4. Environment detail: Operating system, .NET framework version, database and version, IIS version, Browser version (if appropriate)
We always try to respond quickly and monitor the forums daily during business hours (EST).  Occasionally, requests for a specific project requirement may not apply for the free support offered. For project specific support please submit via our Information Request form.

Thank you for using our Forums.

Click here to register for the Forums
 
© 2008 by R2integrated (formerly Bi4ce) | DNN® is a registered trademark of DotNetNuke Corporation