Hosting someone elses SSL cert in IIS to allow https hosting on their domain from your own server_问答_开发者

Hosting someone elses SSL cert in IIS to allow https hosting on their domain from your own server

开发者 https://www.devze.com 2022-12-15 21:29 出处：网络

Currently customers have sites on my domai开发者_开发技巧n like https://customername.myapp.com. I\'d like for them to be able to upload an SSL cert and then access my site via https://myappname.custom

Currently customers have sites on my domai开发者_开发技巧n like https://customername.myapp.com. I'd like for them to be able to upload an SSL cert and then access my site via https://myappname.customername.com - how would one go about doing this programmatically in .NET/IIS 7?

bump

So I might have an answer for you but it doesn't necessarily involve .NET/IIS 7.

I'm not quite sure what the end goal is here, but I'll take a stab at it. It sounds like you want customers to go customername.myappname.com and have it show myappname.customername.com's content? You don't simply want to redirect them? Do you have a trusted SSL certificate for myapp.com? If you do, then there's a way you can extend that trust to the myappname.customername.com websites.

Assuming your customers don't want to have to pay for SSL certificates for their websites, you could have them generate self-signed certificates (or create your own CA and sign their certificates) and upload them to your website. Then, using a combination of JavaScript and Flash you could do cross-domain requests from your website to theirs over SSL.

The way this would work:

A customer would go to your website myapp.com. From there (or from customername.myapp.com if you have a wildcard SSL certificate), they could login or just click on their name. Doing so would load a page with a JavaScript implementation of SSL, Flash swf, and the SSL certificate associated with that customer. Then the JavaScript SSL would do cross-domain ajax requests to the customer's site and show their content on myapp.com. This would enable a secure connection to their website via your website.

There's another bit of complexity that you might not be able to support in your use case, however. You need your customer's websites to be able to serve an XML file that contains a Flash cross-domain policy. This policy would specifically grant your site access to theirs.

The JavaScript TLS (SSL) and Flash you would host on your website are part of an opensource project called Forge. This blog post explains how it works in further detail and provides a link to Forge on github:

http://blog.digitalbazaar.com/2010/07/20/javascript-tls-1/

Most of this stuff is done using client-side JavaScript, but you'd use .NET/IIS 7 to provide your customers with the page to upload their SSL certificate.