views:

16

answers:

1

Hi all,

We've got an Asp.Net / IIS6 web application which sits on two servers in separate data centers on our intranet in an active-passive failover configuration. Lets call these servers MyAppSpringfield and MyAppShelbyville.

Now we've got a DNS name set up called 'MyApp', so that the users can simply access the application through http://myapp, and they don't need to know which server they're actually using.

Each month we swap the active and passive nodes around by changing the DNS entry, to keep in good practice for when the day comes that the active node dies for some reason.

Now we need to set up SSL for access to the application, but i've heard that HTTPS certificates are linked to a certain IP address or a certain application common name, so i'm worried this won't be possible, since the IP address that 'MyApp' points to will change every month.

Can anyone tell me if this is possible to set up SSL on those servers, in such a way that either IP will be fine with the cert and the users can simply access it via https://myapp ?

Thanks a lot

+1  A: 

I don't think you have a problem. I'm no SSL expert, but I believe it is tied to the domain name, rather than the IP. I've switched IPs and data centers on several sites recently with no problem as far as SSL Certs are concerned. The Cert isn't aware of the IP address when it is issued, only the domain name.

JasonS
Sounds promising! Thanks for sharing your experience.
Chris