Wrong site given through https

**jdatwood** · 03-19-2004 02:37 PM

Hopefully someone has a quick fix for this -

I have many websites sharing one IP, but one of them has an "official" SSL cert (domain1.com)

https://www.domain1.com resolves properly

but

https://www.domain2.com
https://www.domain3.com
https://www.domain4.com

etc

all resolve to domain1's secure site.

Is there any way that I can have secure requests for the other domains NOT go to domain1's site? Whether by redirecting to non-secure, or through a 404 error, I don't care - I just need secure requests to the other domains stop going to the domain with the certificate.

They are all on the same IP... I realize that if I put the one with the cert on its own IP then that would fix the problem, but I am looking for a way to do this without moving any of the sites to their own IPs.

Thanks in advance!!!

**whizkid** · 03-21-2004 10:03 PM

Any SSL site requires its own dedicated IP because the cert is bound to the IP address.

So if anyone visits https://someotherdomain.com they will get the SSL page that is bound to the IP.

**jdatwood** · 03-23-2004 01:55 PM

Thanks for the reply...

Any way to change a domain's IP addy without taking the site down for the 12-48 hour DNS propogation?

**whizkid** · 03-23-2004 01:58 PM

Well, you might be able to tweak the TTL in the zone file...

In my experience, it does not take 12-24 hours, rather, its about 4 hours for the new IP to propagate fully. I usually do the IP changes late at night so no one notices (advise the customer first).

**ryno267** · 03-23-2004 04:13 PM

you know.. i'm having the same problem...

What about getting a chained SSL for the main IP on the server? would that resolve the issue?

Right now I have a GeoTrust TrueBusinessID, which is on my .net domain (the same IP as whole server). I'm assuming I have to get a seperate IP only for the .net domain.
But i'm wondering if i can get one of those $35.00 chained ssl certs from freessl.com and protect the rest of the servers domains that will all be on one IP together?

any help would be great!

**whizkid** · 03-23-2004 04:22 PM

Unfortunately that would not work.

The whole point of SSL is for the CA to verify the identity of the Domain owner. This is why each domain requires its own cert.

There are *some* certs (VERY! expensive) that will cover all domains on a server, however, each one would have to be verified to be the same owner.

**ryno267** · 03-23-2004 04:24 PM

ya.. they're like $700 bucks... screw that...

**whizkid** · 03-23-2004 04:26 PM

yes, and unless all domains are registered to you, the cert woudln't work.

LinkBack

Thread Tools

Wrong site given through https

HTTPS vs. HTTP | This is just plain wrong. Help Please?

https://my-own-web-site.com/

https:// Points to wrong site

Site Address Pointing to the Wrong Site?!

Site showing up as the wrong site :/