We have a server that has multiple websites on it. We need to install multiple ssls to this server. We have a block of 5 IPs that we can use and could give the server multiple local IPs. If I am reading right we would then need to set up NAT on the firewall
to properly associate the external to the internal IPs. I have also read the other option is to simply change the port from 443 to some other port, and then again in the firewall do a redirect. I can also write a redirect in iis to take the port 80 requests
and switch it to the new secured port.
We are currently using a UCC cert for 6 domains but this becomes more maintenance if we remove or add a new domains. And if for some reason the cert is not viewed as correct and you get the web warning but say its ok to continue it then forwards to the main
domain regardless of what the original URL was. This causes issue because if a client is trying to log into their website and there is an error they end up at a completely different clients website.
My question is which is best practice?
to properly associate the external to the internal IPs. I have also read the other option is to simply change the port from 443 to some other port, and then again in the firewall do a redirect. I can also write a redirect in iis to take the port 80 requests
and switch it to the new secured port.
We are currently using a UCC cert for 6 domains but this becomes more maintenance if we remove or add a new domains. And if for some reason the cert is not viewed as correct and you get the web warning but say its ok to continue it then forwards to the main
domain regardless of what the original URL was. This causes issue because if a client is trying to log into their website and there is an error they end up at a completely different clients website.
My question is which is best practice?