Question : Can I use multiple SSL Certificates in IIS 7 on a web farm with software NLB?

Hi All,

I have two Windows Server 2008 servers serving content through a software NLB. Currently I serve a number of sites and one secure site on one public IP address. The public IP address is natted to a Private IP address which the two servers receive requests on, through MS NLB. Each of the servers has a single Primary Private IP address.

I have seen some blogs etc out there that hint that you can use two SSL certificates on a single IIS server, but I have tried numerous combinations of IP addressing and manual edits in the config files to only receive 404 errors, or have both sites server the same content.

I understand that SSL binds to a port/IP address combination, and have tried all different kinds of binding changes in the ApplicationHost file. But as yet without success.

Does anyone know if this is in fact possible? Or is the NLB part of the setup going to mess it all up no matter what? I have access to more IP addresses and can change any firewall rules I wish.

Any help much appreaciated.

Answer : Can I use multiple SSL Certificates in IIS 7 on a web farm with software NLB?

Hi jeremyu. For IIS, yes you can have two/multiple SSL install to different site entries without any issue, but one thing that you need to concern is that each SSL would need to associate with a separate Static IP, for example, you have 123.com and abc.com hosted on your IIS server, and both of them has their own SSL, then you would need to assign two different static ip to them, say
192.1.1.12 for 123.com
192.1.1.13 for abc.com
But remember one thing is that these two Static IP must not be used by other IIS entries, that's mean you can use 192.1.1.1 to 192.1.1.11 and 192.1.1.14 to 192.1.1.254 for other IIS entries. Hope this help you understand the logic. ^.^