marvin
By:
marvin

ssl and none ssl websites with one IP

July 4, 2014 1.3k views

Hey, so we host some websites that we feel it is worth to purchase SSL-certs for and other where it is not worth it.

In the past we did this by having one ip for http only and one for SSL enabled sites.
However since DO does not allow multiple IPs is there an other way?

2 Answers

You can host both ssl-enabled and http-only sites on the same IP address simultaneously, but trying to browse an http-only site will serve one of the ssl-enabled sites so you will get a warning that the certificate does not match the site you're visiting.

Unfortunately, it's not possible to "fix" that unless you move the ssl-enabled sites to a separate droplet.

  • Unfortunately, it's not possible to "fix" that unless you move the ssl-enabled sites to a separate droplet.

    So, why doesn't DO allow to add a second ip to a droplet?

I'm also trying to find some solution to this problem, i think the alternative is by using :

  1. Separate droplet for that domain - the problem is have to setup new server again and installing and maintain bla bla bla, the plus side is have another backup droplet...

  2. Using multi-domain SSL - nameche** PositiveSSL Multi-Domain service for about 29.88 USD. The negative side is not all old browser support this like one from XP (sadly still a lot of computer using XP nowadays).

  3. Using single domain SSL certificate on that droplet for that domain only - won't be problem as long as you don't add another https certificate for another domain on that droplet (based on customer chat service on nameche** web).

Anyway thats just my though as i'm facing the same problem right now when my customer ask me for SSL certificate, please correct me if i'm wrong and suggest us with more alternative that doesn't break the bank.

Have another answer? Share your knowledge.