Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
We have hosted two domains in the same IP. For example:
www.domain1.com
www.domain2.com
Both are hosted in IIS7. We bought the two SSL certificates for each, one for domain1 and other for domain2. I have tried SSL host header to use different SSL for these two domains but it failed. How can i use these two SSL certificates for the respective domains that both are hosted in same IP?
Could anyone please let me know the right way to do this?
Regards,
Karthik.
By reviewing your requirement, i would suggest two different options:
Option 1:
Host both domains on separate IP address. Each SSL needs dedicated IP address to work. You need to pay monthly cost for each IP address.
Option 2:
Buy SAN (Subject Alternative Name) SSL certificate. With SAN SSL you can add many domain names in single ssl certificate. Single SSL needs single IP address to work on web-server.
SAN ssl certificates are costly compare to standard ssl certificates.
You're looking for SNI (Server Name Indication), and it is not supported on IIS7. There is no way to do it.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
The website is reachable by host name but not by the ip adress specified in the A record. The DNS successfully resolves the request to the same ip specified in the A record.
Postman tells me: Error: Hostname/IP does not match certificate's altnames: IP: [...] is not in the cert's list.
Background: I have connected a Firebase application with a existing Domain. Firebase has generated a certificate for this website.
There are not enough IP addresses for all web sites to have a unique IP address. Firebase Hosting makes everyone's sites share the same IP address, and is able to distinguish requests for sites using the HTTP Host header from each request. This means the Host header is required. Postman will add that for you automatically if you use the domain name of your site, but it would have no idea what to use if you just provide an IP address.
See also: What is http host header?
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I want to run a web server on my home network but my ISP doesn't let incoming requests from port 80, so I have to use port 81, is there a way I could hide the port number from my domain so that people don't have to type mysite.com:81 in the address bar?
I tried to use an SRV record but after failing so many times I realized that the browser needs to obey the SRV record and it doesn't so that's why it doesn't work.
Note
My ISP also wouldn't let me buy a static IP so I have to use a dynamic dns service provided by noip.com.
If your ISP blocks port 80, then you can't run anything, not even a port forwarder, on port 80. Which means your visitors will need to use the port number. Period. Sorry, but there's just no way to make the browser use a different port without telling it to.
One thing that some dyndns providers allow you to do is to create a page that's shown when the domain is offline. You could get jordanjones.noip.com and realjordanjones.noip.com, set jordanjones.noip.com to offline, and make a page there that's nothing but a frameset with one big frame that pulls in realjordanjones.com:81. Don't know if noip.com offers that service, though.
The only real answer is: get a decent provider.
You need to do either port forwarding or redirect requests on server.
For example run server on 8080 port and redirect all requests from port 80 to 8080.
See this: Apache VirtualHost: How to ServerName a port different from 80
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I was wondering why not host the application from my office itself? I have a static IP. What else do I need to make my local server accessible on the Internet? I know I need a domain name but I am new to hosting so I don't know how to go about it. How will I link my static WAN IP to the domain. Right now when I type my WAN IP on the net , my ISP shows up a site blocked page. I don't know what to do.
It is an ASP.net web app.
There are a number of things that need to fall in place before the web application will be accessible from the Internet.
You need to open the relevant ports on your router/firewall (Port 80/443 for web apps).
If you are in a NAT situation you need to forward the ports to the right machine.
The machine also needs to have its firewall set to open the ports.
The above steps will allow the page to load via the IP address only. To load the page with a domain name you need to adjust your site's DNS server to recognize the IP address for that domain name.
All of this is very broad because without knowing your exact configuration detailed answers can't be given.
First, are your sure the IP address you have at your office is a static public ip address? You may have an internal IP. What I mean is that YOUR Computer may have an internal IP address so yo would need to configure your router to forward connections to port 80 to your specific IP address inside your LAN.
You can register your domain at any registrar of your choice (I am hesitant to mention one). You should have an option to link your domain name to your IP address somewhere at the registrar's site. After you do this, you should be able to go http://yourdomainjustregistered.com and hit your IIS Server.
My understanding is that versions of IIS that are shipped with regular home computers have restrictions on how many connections can be made concurrently. You would need to get a Server version of Windows.
If your ISP shows a site blocked page when you type your ip address, it may be the case that they block port 80 to their customers so that they don't run personal websites without paying them a fee. You need to find out what's their policy regarding this, drop them if they do something like this and find another ISP. Alternatively, you can run your web server on a different port (8180, for example) and use all kinds of techniques to redirect users that hit http://yourdomain.com to this port on your box. You would need to adjust IIS to listen on this port too.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 9 years ago.
Improve this question
I am setting up multiple sites on IIS7.
What are the pros and cons of:
Setting up all the sites on the same IP address but different ports
versus
Setting up all the sites on different IP addresses.
Also,what are the implications for SSL certificates(any any other aspects that you may know of) between the above two approaches?
First, each site that uses SSL, must be bound to an IP address. SSL sites can only be segmented by IP (and port) and cannot be segmented by host name.
The only implication by segmenting by host is that if a given site goes down (literally stopped) and if there is a site listening only on IP, it will "choose" that site. So, the effect is a user goes to site A and sees the stuff from site B. If all sites segment on host, this isn't a problem.
For public sites that assume 80 and 443 for http and https, you really can only segment on IP or host. Most users will not be expecting to navigate to something on a different port and you would need to open special ports on the hosting system's firewall to allow for requests on those ports.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 13 years ago.
Improve this question
Recently, I saw I introduction on CDN at
http://www.aflexi.net/technology/how-aflexi-cdn-works
I was wondering, why user's web browser will know it need to contact Aflexi DNS Server in Los Angeles, but not DNS Server provided by ISP (Like AOL)?
Thanks!
Your Internet Service Provider will likely push the DNS server information through the DHCP protocol (of course, you can override this information locally on your machine). This is how your machine will get configured with DNS servers to launch queries against.
The way a CDN works is as follows: companies relying on CDN based delivery of their contents will manage their domains through a CDN provider. When a request comes for say domain D, a machine will contact its configured DNS server and will be directed to the "authoritative entity" for the domain D in question. From this point, the CDN DNS server can reply with an answer that provides a binding to an IP address "closest" to where the request originated.
The property "closest" is determined, amongst other things, based on the requesting machine's IP address. It is nonetheless non-trivial to assign a "metric" based on this information: there is no direct correlation between "IP address" and "physical location", vital information for effecting as best as possible contents to the requesting machines.
This usually works by assigning the same IP address to a number of authoritative DNS servers for the domain around the world, and playing some tricks with routing in the internet default-free zone such that every request goes to the closest server (measured in network hops, not miles). This is called 'IP Anycast'. The different servers can then deliver whatever answers the provider wants them to. It's a good solution because network topology matters much more to performance than physical distance.