Welcome to HostingForumz.com!
FAQFAQ   SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log in/Register/PasswordLog in/Register/Password

SSL on non-standard port question

  
   Web Hosting Problem Solving Community! (Home) -> IIS RSS
Next:  IIS: IIS not returning icons, aspx site  
Author Message
Ryan

External


Since: Nov 02, 2006
Posts: 17



(Msg. 1) Posted: Thu Aug 02, 2007 2:30 pm
Post subject: SSL on non-standard port question
Archived from groups: microsoft>public>inetserver>iis (more info?)
I have one (1) public IP address running through a NAT router, and three (3)
private network sites set up on my server:
--> default - LAN IP: all unassigned - SSL: 443
--> companyweb - LAN IP: 192.168.1.1 - SSL: 444
--> newsite - LAN IP: 192.168.1.2 - SSL: 4433

My question is... will a certificate work with 'newsite' using this set-up?
And if so, what special process, if anything, will need to be done when
requesting my certificate for port 4433?

 >> Stay informed about: SSL on non-standard port question 
Back to top
Login to vote
Ryan

External


Since: Nov 02, 2006
Posts: 17



(Msg. 2) Posted: Fri Aug 03, 2007 9:34 am
Post subject: Re: SSL on non-standard port question [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
I understand what you're saying about the public ip, how the port will be
needed, and how I will in fact get an error, but I am not looking for the
site to be accessed by the public. So being that 'newsite' is a private
intranet...

1) How can I prevent public access to the port, if possible?
2) Will I experience the same domain forwarding issues for clients accessing
via VPN?

Also, if not a problem, I not that up on VPN so if you could direct me to an
article explaining the in and outs of setting up VPN access on a new intranet
site.

Thanks in advance.

 >> Stay informed about: SSL on non-standard port question 
Back to top
Login to vote
kenremove

External


Since: Aug 23, 2003
Posts: 3041



(Msg. 3) Posted: Fri Aug 03, 2007 1:50 pm
Post subject: Re: SSL on non-standard port question [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
When you request a certificate, you only need to enter the "common name" of
the site. the port is irrelevant.

You can access this site as:
https://newsite:4433/

That said, obviously "newsite" is not resolvable on the public internet, so
when you port forward port 4433 to your internal site, you'd probably access
the site as http://xx.xx.xx.xx:4433/ (where xx.xx.xx.xx if your public IP
address), and you'd get an error saying that "xx.xx.xx.xx" does not match
the common name in the certificate that is being presented, and asking you
whether you still wish to visit the site or not.

Cheers
Ken

"Ryan" <Ryan.DeleteThis@discussions.microsoft.com> wrote in message
news:A7A12922-8EE0-4A31-B3C2-7498FB75FECB@microsoft.com...
>I have one (1) public IP address running through a NAT router, and three
>(3)
> private network sites set up on my server:
> --> default - LAN IP: all unassigned - SSL: 443
> --> companyweb - LAN IP: 192.168.1.1 - SSL: 444
> --> newsite - LAN IP: 192.168.1.2 - SSL: 4433
>
> My question is... will a certificate work with 'newsite' using this
> set-up?
> And if so, what special process, if anything, will need to be done when
> requesting my certificate for port 4433?
 >> Stay informed about: SSL on non-standard port question 
Back to top
Login to vote
kenremove

External


Since: Aug 23, 2003
Posts: 3041



(Msg. 4) Posted: Sat Aug 04, 2007 2:55 am
Post subject: Re: SSL on non-standard port question [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
"Ryan" <Ryan DeleteThis @discussions.microsoft.com> wrote in message
news:CA46E77E-D6B1-4C05-A9F5-567B9AF12DFB@microsoft.com...
>I understand what you're saying about the public ip, how the port will be
> needed, and how I will in fact get an error, but I am not looking for the
> site to be accessed by the public. So being that 'newsite' is a private
> intranet...
>
> 1) How can I prevent public access to the port, if possible?

If are behind a NAT router, then simply do not "port forward" anything to
your internal "newsite"

> 2) Will I experience the same domain forwarding issues for clients
> accessing
> via VPN?

That depends entirely on how you configure your site. VPN technology has no
effect on accessing a site via SSL.


> Also, if not a problem, I not that up on VPN so if you could direct me to
> an
> article explaining the in and outs of setting up VPN access on a new
> intranet
> site.

VPNs have nothing to do with accessing an intranet website. VPNs are about
logically connecting a physically remote client to your internal network.
Once they are connected, they act just like any other client on your
internal network.

Cheers
Ken
 >> Stay informed about: SSL on non-standard port question 
Back to top
Login to vote
Display posts from previous:   
   Web Hosting Problem Solving Community! (Home) -> IIS All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



[ Contact us | Terms of Service/Privacy Policy ]