Multiple SSL Certificates for Different domain on IIS (Amazon EC2)

Tag: iis, amazon-web-services, amazon-ec2 Author: lx2215154 Date: 2013-06-26

I have multiple sites that need to have SSL certs installed on them but Amazon EC2 only allows one public IP. I can't use SNI since I need to support IE 7 and up. Is there a way I can have one instance with multiple domains each having SSLs?

Best Answer

Here is what I followed. I made a private IP and another Elastic IP address that points to that private IP on the same instance, and followed these instructions: http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/config-windows-multiple-ip.html
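The IIS side of that setup can be scripted as below. This is an added example, not part of the answer above; it assumes the secondary private IPs are already configured in Windows per the linked guide and each has its own Elastic IP. The site names, IP addresses and certificate thumbprints are constructed placeholders.

```powershell
# Added example: IP-based HTTPS bindings (no SNI), one certificate per IP.
# Site names, private IPs and thumbprints are constructed placeholders.
Import-Module WebAdministration

$sites = @(
    @{ Name = 'SiteA'; Ip = '10.0.0.10'; Thumbprint = '<THUMBPRINT_OF_SITE_A_CERT>' },
    @{ Name = 'SiteB'; Ip = '10.0.0.11'; Thumbprint = '<THUMBPRINT_OF_SITE_B_CERT>' }
)

# Private IPs actually present on this instance's adapters.
# Get-NetIPAddress requires Windows Server 2012 or later.
$localIps = (Get-NetIPAddress -AddressFamily IPv4).IPAddress

foreach ($s in $sites) {
    # Refuse to bind to an address Windows is not listening on.
    if ($localIps -notcontains $s.Ip) {
        throw "$($s.Ip) is not configured on this instance"
    }

    # The certificate must be in the machine store with its private key.
    $cert = Get-Item "Cert:\LocalMachine\My\$($s.Thumbprint)" -ErrorAction Stop
    if (-not $cert.HasPrivateKey) {
        throw "Certificate for $($s.Name) has no private key"
    }

    # Bind the site to its own IP on 443. No host header and no SNI flag:
    # the certificate is selected purely by the IP:port the client reached.
    if (-not (Get-WebBinding -Name $s.Name -Protocol https -IPAddress $s.Ip -Port 443)) {
        New-WebBinding -Name $s.Name -Protocol https -IPAddress $s.Ip -Port 443
    }

    # Attach the certificate to that IP:port in HTTP.sys.
    $sslPath = "IIS:\SslBindings\$($s.Ip)!443"
    if (-not (Test-Path $sslPath)) {
        $cert | New-Item $sslPath | Out-Null
    }
}

# Review the result: each IP:443 entry should show a different certificate hash.
netsh http show sslcert
```

Each domain's DNS record points at the Elastic IP mapped to that site's private IP, so clients without SNI support still receive the correct certificate.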

Other Answer1

One way around this is to use a UCC Certificate which will validate multiple domains.

This is very simple to set up, as you serve up the same certificate for every domain, but there are a couple of wrinkles that may or may not matter in your case:

  • The certificate "Issued To" information will only list the primary domain name. A user would have to view the detailed certificate information to see this - the browser will correctly show the current domain as "verified".
  • All of the domains are listed in the certificate, so if you do not want sites to appear 'connected' to each other, you should not use this type of certificate. Once again, the user would have to display the certificate details to notice this.