SSL, dedicated IP# and subdomains?


SereBlue
 Share

Recommended Posts

To have SSL on a site, I'd need a dedicated IP number for that domain.

 

I understand (correct me if I'm wrong) that if I have more than one domain for which I want SSL, I have to have a dedicated IP number for each domain.

 

Do I also need a dedicated IP number for each subdomain that has SSL?  For instance, given that I want to serve the following from my hawkhost account:

 

https://project1.mydevelopmentdomain.tld

https://project2.mydevelopmentdomain.tld

https://www.myproductiondomain.tld

https://myproductiondomain.tld

 

How many dedicated IP numbers would I need?  And does the answer change depending on whether I have separate certs for project1 and project2, or have a wildcard cert for everything on mydevelopmentdomain.tld?

 

(A note about my architecture: as the above suggests, I have a domain under which I do development work in subdomains.  This allows me to test that I have things running correctly on the server, expose projects to beta testers or clients, etc, as an intermediary step before deploying to the actual domains.  SSL is precisely one of the things I would be wanting to test; this came up when I realized that running under SSL would affect some logic of how I was handling the REFERER, and I'd better test before deploying to see if there were any other gotchas.  I am trying to figure out how much things cost so I can make informed decisions as to how much SSL I want to roll out.)

 

 

Link to comment
Share on other sites

  • 2 weeks later...

I understand (correct me if I'm wrong) that if I have more than one domain for which I want SSL, I have to have a dedicated IP number for each domain.

 

This is correct, you'd need an IP per SSL cert.

 

Do I also need a dedicated IP number for each subdomain that has SSL?

 

In our shared hosting environment you unfortunately would need an IP for each. If you'd like I can get a second opinion from one of our sysadmins to see if wildcard SSL certificates are supported, in which case you'd only need one IP and one SSL cert.

Link to comment
Share on other sites

You could use SNI to accomplish this now as well we do support that. I believe in cPanel it should allow you to install multiple SSL certificates using SNI under a single IP. I would keep in mind however under Windows XP and Internet explorer the user would not be able to view the sites over SSL.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share