Forum Discussion

T_Rajneesh
May 29, 2019

Required Multiple SSL certificate or SAN name update on VIP ?

Hi,

Please help clarify the query below.

I have a VIP which has servers (webfarm) used for re-direction of legacy websites to new websites. Here multiple websites are being re-directed to new websites.

The client-side SSL certificate attached to this VIP has the SAN names www.abc.com & abc.com in it. The CN is www.abc.com.

We see the error below when a user types https://www.xyz.com

"This server could not prove that it is www.xyz.com; its security certificate is from abc.com. This may be caused by a misconfiguration or an attacker intercepting your connection.

Proceed to www.xyz.com (unsafe)"

When the user clicks to proceed, it again redirects to the new website with no issue.

Here I want to get rid of the SSL error, which is obviously coming from the VIP. I want to know whether updating the SAN names with www.xyz.com and xyz.com will solve the case, or whether we need to have multiple certificates applied to the VIP. I also checked something on SNI, but I'm not very familiar with it and have never implemented it.

It is like:

User -> https://www.abc.com -> VIP (SAN: abc.com) -> No error.

User -> https://www.xyz.com -> VIP (SAN: abc.com) -> getting the SSL error mentioned above.

The VIP has IIS servers in its pool which do the re-direction from legacy to other websites.

Please suggest.

Regards,

Raj

5 Replies

  • SNI is one of the options to solve the issue, but you need to have two SSL certificates [one for xyz.com, and the other will be the current SSL certificate].

    The recommended method is to create a SAN certificate with all the names and install the SSL certificate on the VIP.

    SAN List: Example

    1. www.abc.com
    2. abc.com
    3. www.xyz.com

    Thanks

    SJ

  • Thanks Samir Jha.

    Hi Lee,

    Yes, we do have an intermediate chain certificate attached to the SSL profile.

    Regards,

    Raj

    • Lee_Sutcliffe

      Apologies, I misread your question. You'll need to create a new SSL certificate with the SANs that you require and have this signed by your CA before adding it to the client SSL profile.
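
Added example (not part of any post in this thread, and not F5 code): a Python check of which hostnames pointing at the VIP are covered by a certificate's SAN list, using the names from the question and the example SAN list in the first reply. The helper names and the simplified wildcard rule (only a whole left-most `*` label, with at least two labels after it) are assumptions of this example.

```python
def san_matches(hostname: str, san: str) -> bool:
    """Match one dNSName SAN entry against a hostname (simplified RFC 6125 rules)."""
    host = hostname.lower().rstrip(".")
    pattern = san.lower().rstrip(".")
    if "*" not in pattern:
        return host == pattern
    # Assumption: honour only a whole left-most wildcard label, e.g. "*.xyz.com",
    # and reject patterns such as "*.com" or "w*.xyz.com".
    first, _, rest = pattern.partition(".")
    if first != "*" or "*" in rest or rest.count(".") < 1:
        return False
    host_first, _, host_rest = host.partition(".")
    # The wildcard stands for exactly one label, so "*.xyz.com" does not
    # cover the bare "xyz.com" or a deeper name like "a.b.xyz.com".
    return bool(host_first) and host_rest == rest


def uncovered(hostnames, sans):
    """Return the hostnames that no SAN entry on the certificate covers."""
    return [h for h in hostnames if not any(san_matches(h, s) for s in sans)]


# SAN list of the certificate currently on the VIP (from the question).
CURRENT_SANS = ["www.abc.com", "abc.com"]
# Example SAN list given in the first reply.
PROPOSED_SANS = ["www.abc.com", "abc.com", "www.xyz.com"]
# Names mentioned in the question as reaching the VIP.
VIP_HOSTNAMES = ["www.abc.com", "abc.com", "www.xyz.com", "xyz.com"]

if __name__ == "__main__":
    # Names listed here would still raise the browser's name-mismatch error.
    print("current cert misses :", uncovered(VIP_HOSTNAMES, CURRENT_SANS))
    print("proposed cert misses:", uncovered(VIP_HOSTNAMES, PROPOSED_SANS))
```

Running the same check against the SAN list of the CSR before sending it to the CA shows whether every legacy name that resolves to the VIP, including bare domains, is on the new certificate.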