Secure page, but not really - embed secure page in non-secure page

  • Thread starter Thread starter Scott Townsend
  • Start date Start date
S

Scott Townsend

We have a secure server that we use for Company A, though we inherited a
Site for Company B and want to be able to use the same secure Server. Since
the Certificates rely on the server FQDN name (secure.company.com) we dont
want that URL to show up in the address window for secure transactions for
company B.

What is the best practice way to use company A's Secure Server and not have
that URL show up in the Browser? Frame, Includes or?

Thank you,
Scott<-
 
There isn't a best practice way to do this. Most importantly, the "https" in
the URL will assure the user that the connection is secure. Why not use the
secure server to do the work, since you now own it?

--
HTH,

Kevin Spencer
Microsoft MVP
Professional Numbskull

Hard work is a medication for which
there is no placebo.
 
We do not want the Customers of Company B to know that we are also Company
A, So having Company A's Secure Server URL in the Address bar when you go to
use the Secure Server would look bad.

I was thinking that we could just have a Frame page that resides on Company
B's Site and it accesses the HTTPS of Company A and has both the Secure and
insecure content on the same page. I just don't know if Frames is the
preferred way to do it.

Both Company A and B have Public Sites on the same physical Server and the
Secure Server for Company A is also on the same server.

As a side Comment, is it possible for IIS6 (Win2003 R2) Server to have
Multiple Secure Sites on it? Seems like SSL/443 only allows one host
header. Even if we had 2 Certs on the server?

Thanks,
 
The you would have to get another SSL Certificate for Company B, as you really can not truly hide
the URL. Each site must be it on virtual web / IP Address for the SSL.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
==============================================
If you feel your current issue is a results of installing
a Service Pack or security update, please contact
Microsoft Product Support Services:
http://support.microsoft.com
If the problem can be shown to have been caused by a
security update, then there is usually no charge for the call.
==============================================
 
Back
Top