I guess the first thing I need to do is find an ACME client for a Windows 2008R2 Server Edition running IIS7.5. Can anyone recommend one that they know works on this server?
One really BIG question:
Will you be hosting more than just one site (SNI)?
The reason I ask is that IIS 7.5 will NOT support SNI.
[That means only one site will be hosted per port (per IP)]
So that would place a big fork in the road…
Requiring (at least) one of the following paths:
Upgrade IIS (and/or Windows)
Use something other than IIS 7.5 (for initial TLS/SSL termination)
If you are only hosting one site, then you have some choices:
[scroll down to "Windows / IIS"]
In answer to your BIG question: I will be hosting one site per IP. However, two of my IPs are shared with name servers (NS1 & NS2). Based on this, how can I proceed? Thank you for your help.
As you have a dedicated IP for each domain this should be OK using either https://certifytheweb.com (my app) or https://github.com/PKISharp/win-acme as these are both commonly used on Server 2008 R2. There are specific requirements for .NET Framework depending on the app, so you need to be able to install the best available for your OS.
As I'm biased towards Certify, try that and see how you get on with one site, then add another - it should auto configure the https binding to the correct IP but let me know if it doesn't. The most common problem on Server 2008 (or R2) is a binding conflict. If you maintain one IP per cert binding then it will be OK, but if you start seeing one site serving the certificate for another site you know you've got a binding conflict to sort out.
P.S. If you can conceivably move to a more recent version of Windows then please do. There is only 1 year left of patches from Microsoft, then they won't be updating it at all, which is inappropriate for a device connected to the internet.
It's actually 10 managed certs in the free version; the text is out of date in the current release. In the future it may have no limit at all, but yes, this is software you can use for free or you can pay for a license key and unlock unlimited managed certificates. For the majority of users the free version is ideal; however, businesses running many sites or requiring support often prefer to purchase a key.
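Added example (not part of the thread, and not code from Certify or win-acme): a PowerShell sketch that flags the binding conflict described above by checking that each https binding has its own IP:port. The site names and addresses are constructed sample data in the format printed by `appcmd list sites`, and the function names are hypothetical.

```powershell
# Constructed sample of `appcmd list sites` output (not taken from a real server).
# On a live server: $lines = & "$env:windir\system32\inetsrv\appcmd.exe" list sites
$lines = @(
    'SITE "shop" (id:2,bindings:http/203.0.113.10:80:,https/203.0.113.10:443:,state:Started)',
    'SITE "blog" (id:3,bindings:http/203.0.113.11:80:,https/203.0.113.10:443:,state:Started)',
    'SITE "intranet" (id:4,bindings:https/*:443:,state:Started)',
    'SITE "docs" (id:5,bindings:https/203.0.113.12:443:,state:Started)'
)

# Hypothetical helper: turn each https binding into an object (Site, IP, Port).
function Get-HttpsBinding($siteLines) {
    foreach ($line in $siteLines) {
        if ($line -notmatch '^SITE "(?<name>[^"]+)" \(id:\d+,bindings:(?<b>.*),state:') { continue }
        $site = $Matches['name']
        foreach ($b in $Matches['b'].Split(',')) {
            # Binding format is protocol/IP:port:hostheader; IP may be *, IPv4 or [IPv6].
            if ($b -match '^https/(?<ip>\*|\[[^\]]+\]|[^:]+):(?<port>\d+):') {
                New-Object PSObject -Property @{ Site = $site; IP = $Matches['ip']; Port = $Matches['port'] }
            }
        }
    }
}

# Hypothetical helper: report https bindings that cannot each have their own certificate.
function Find-BindingConflict($bindings) {
    # IIS 7.5 has no SNI, so the certificate is tied to IP:port; two sites on the
    # same IP:port end up presenting the same certificate.
    $bindings | Group-Object { "$($_.IP):$($_.Port)" } | ForEach-Object {
        $sites = @($_.Group | ForEach-Object { $_.Site } | Sort-Object -Unique)
        if ($sites.Count -gt 1) { "CONFLICT $($_.Name): " + ($sites -join ', ') }
    }
    # A * binding covers every address, so it overlaps each IP-specific
    # binding on the same port and should be reviewed.
    foreach ($w in @($bindings | Where-Object { $_.IP -eq '*' })) {
        $others = @($bindings |
            Where-Object { $_.Port -eq $w.Port -and $_.IP -ne '*' -and $_.Site -ne $w.Site } |
            ForEach-Object { $_.Site } | Sort-Object -Unique)
        if ($others.Count -gt 0) {
            "OVERLAP *:$($w.Port) ($($w.Site)) shares the port with: " + ($others -join ', ')
        }
    }
}

Find-BindingConflict (Get-HttpsBinding $lines)
```

The syntax is kept to what PowerShell 2.0, the version shipped with Server 2008 R2, accepts. On the sample data it reports "shop" and "blog" sharing 203.0.113.10:443, plus the wildcard binding on "intranet".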