do i need a dedicated ip address for https?
Laszlo Nagy
gandalf at shopzeus.com
Wed Dec 22 12:55:13 UTC 2010
On 2010-12-22 07:53, S Mathias wrote:
> http://help.godaddy.com/article/1054
>
> "# Set up SSL protection on your website."
>
> is it an inescapable requirement to have a dedicated [not fix] ip address, when i want to use ssl on my domain?
Obviously, you cannot have a website without an IP address.
Another strict rule is that you can only use one SSL certificate per IP
address + PORT. This is determined by the SSL protocol, and you cannot
do anything to change it.
But there are possibilities. You can use different SSL certificates for
the same ip address and different port numbers:
https://your_domain_1:4430
https://your_domain_2:4431
etc. (where your_domain_1 and your_domain_2 have the same IP, and you
have different certificates from them).
You can also use many host names with the same IP address and port
number, but they will have to share the same SSL certificate. It is not
a problem, if they are subdomains, and you own a wildcard certificate.
Example:
https://sub1.yourdomain.com
https://sub2.yourdomain.com
https://sub3.yourdomain.com
etc. (where you have a wildcard certificate for *.yourdomain.com)
And finally, it is possible to use different domains and the same port,
without wildcard certificate or subdomains, but then all connecting
clients will complain about the problem (e.g. certificate belongs to a
domain that differs from the one you are connecting to.) For any serious
projects, this is not recommended. You cannot expect customers sending
you private information on a website that cannot identify itself...
Best,
Laszlo
More information about the freebsd-questions
mailing list