Here's a discussion from west-wind.com/wwthreads that may help: Web Connection Re: Installing a cert - implications for website From: Darrell Gardner To: Chris ODonnell Attachments: None 02/16/2005 11:52:12 PM 1GA1F5T6R Chris, We resell certs, and for about 400.00 you can get a wildcard cert to cover any *.yourdomain.com . then you can have seperate sites completely such as you originally posted. Darrell Michael:
Thanks for the reply. I found an old post by Rick to a user who was getting the following message: Dialog Message: The page contains both secure and non secure items. Do you want to display the nonsecure items? And Rick's reply Make sure all your links in the page are relative links or also point to https: links to avoid this issue... The page should work fine with either setting unless you have some stuff that happens automatically (like JScript loading some other content) - usually its the images in the page that are the problem. +++ Rick --- Because of the structure of my site w/ the different "stores", i believe (need to review this) i will be using both relative and non-relative links. Have you had to wrestle with this in your calls to ExpandTemplate? Also, which certificate provider do u recommend (128)? But if the checkout process goes thru https://secure.mysite.com or https://www.mysite.com/secure, can i install the cert with "secure.mysite.com" or "www.mysite.com", depending on which checkout process i implement (assuming i can do either)? Is there an issue with having multiple stores (acme1, acme2, ...) and the cert installed as noted above? Yes. If you want multiple stores running on one certificate, you'll probably want to get a cert for "secure.mysite.com" and use stores arranged thus: https://secure.mysite.com/acme1 and https://secure.mysite.com/acme2 You can just as easily get a cert for www.mysite.com and use stores called https://www.mysite.com/acme1 and https://www.mysite.com/acme2, depending upon how you want to arrange things. HTH Kevin's off on this one - you can get a cert for "secure.mysite.com" and then create a single site that uses host headers and accepts SSL communications (or ssl only if you wish). You can indeed use host headers and SSL certs - <b>but only one SSL cert per IP address (or possibly one per machine)</b>. Multi-subdomain certs have recently become available again (at additional cost, of course). I have a Wk2003 webserver running IIS6, with one IP address. My site consists of several subdomains (terminology challenged) that looks like: acme1.mysite.com acme2.mysite.com acme3.mysite.com The A records setup by my DNS provider have it resolving to my www.mysite.com site. Each site visitor pulls the appropriate html template files, database, and images. at point of purchase, i want to run the visitor thru a checkout process at: secure.mysite.com which of course points back to my single IP address. My question is can i install a cert at secure.mysite.com? or must it be www.mysite.com/secure ? i realize that you cant use SSL with host headers, but i dont think its applicable here... is it? _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
