Tuesday, September 11, 2012

Windows Server 2012 IIS8 Server Name Indication

A new version of Windows Server is about to become upon us, Windows Server 2012 and with this a new version of Internet Information Services (IIS), version 8.  IIS8 comes with a new cool feature called Server Name Indication (SNI).

In pervious versions of 5, 6, 7, 7.5 etc we have always had the ability to host multiple web sites under same IP address/port using HTTP/1.1 virtual hosting, i.e."Host Headers" where the web server looks at the DNS address entered into the Internet Browser and forwards the user to the appropriate site.  Of course if a user accesses a website by IP, the Host Header will not work.

IIS has supported utilising Host Headers for HTTPS sites also for quite some time, however this has always been harder to configure with manual editing of the IIS metabase being required in previous versions of IIS, see http://clintboessen.blogspot.com.au/2009/03/how-to-setup-ssl-host-headers-iis6.html.  However although SSL Host Headers were supported there was one problem which administrators faced.  There was no way to sign a different digital certificate for each HTTPS website.

Now with IIS8 in Windows Server 2012, a new feature has been added tha extends the SSL and TLS protocols to indicate what hostname the client is attempting to connect to at the start of the handshaking process.  This allows the IIS8 server to present multiple certificates on the same IP address and port number and hence allows multiple secure (HTTPS) websites to be served off the same IP address without requiring all those sites to use the same certificate.  Multiple digital certificates assigned to the same the same IP/Port - very cool.

I'm sure we will see many changes to applications which leverage IIS adopting this new technology.

5 comments:

  1. Great blog post.. good to know! Better dust off my testing machines for some Windows Server 2012 experimentation.

    A list of which browsers support this would be very handy... I can only presume IE 10 is the top of the list :)

    ReplyDelete
    Replies
    1. windows 10 pro product key sale , vista home basic , windows 8 genuine product key purchase , free active key window 7 ultimate , key win 7 professional 32 bit , office 2016 product key , windows 7 activation key stor , free genuine product key for windows 7 ultimate 32 bit , lbcITQ

      Delete
  2. Hi Trent,

    The following browsers are supported:

    Internet Explorer 7 or later, on Windows Vista or higher. Does not work on Windows XP, even Internet Explorer 8.
    Mozilla Firefox 2.0 or later
    Opera 8.0 or later (the TLS 1.1 protocol must be enabled)
    Opera Mobile at least version 10.1 beta on Android
    Google Chrome (Vista or higher. XP on Chrome 6 or newer.[6] OS X 10.5.7 or higher on Chrome 5.0.342.1 or newer)
    Safari 2.1 or later (Mac OS X 10.5.6 or higher and Windows Vista or higher)
    Konqueror/KDE 4.7 or later
    MobileSafari in Apple iOS 4.0 or later
    Android default browser on Honeycomb (v3.x) or newer
    Windows Phone 7
    MicroB on Maemo

    ReplyDelete

  3. product key for windows 7 home premium free , rosett astone spanish latinamerica key , windows 8 key sale , windows 10 serial keys , windows 10 product key upgrade from 8.1 , keys of windows 7 professnal , windows 10 product key ending in 243 , office 2013 activation keys , wwiEX7

    office 2013 product key

    windows 10 enterprise key

    vmware workstation 11 to buy

    ReplyDelete