While many of us are waiting on some of the great
Extranet-mode improvements in WSS SP2 (like support for fixed IP addresses, port translation, etc), there was another change that occurred recently that can potentially be quite useful. See
Maurice's post about SP2 for more information on what's in there. This change was implemented with Windows 2003 SP1 and will actually be very helpful for those of you using <plug for='marketing guys'>SharePoint Products and Technologies</plug> in the Extranet.
As many of you who know and love IIS are familiar with, since the beginning of time, or around 1995 when IIS first showed up, you could not use Host Headers with SSL. The reason for that is because the host header information was encrypted in the packet before IIS unlocked it, so it could not be used to redirect traffic. Responding to its 10-year itch, the IIS team has come through BIG TIME with some help.
SP1 now supports the use of Host Headers with SSL secured by wildcard certificates. So what does that mean? If you are wanting to host multiple SharePoint sites on the same physical server and they require SSL, you may be able to get relief now instead of waiting for WSS SP2. It just requires that your sites will be using a common DNS namespace (i.e. *.foo.com, *.bar.net, etc.).
The steps simply stated are:
1. Install Windows 2003 SP1.
2. Update DNS with an entry for each Host Header name; the IP for each entry will point to the same server (or Virtual IP if you are using load balancing).
3. Obtain a wildcard SSL certificate for your domain and install it on your web front end(s).
That's it - you're finished! You can now use multiple virtual servers with SSL and SharePoint, and not have to wait for WSS SP2. We've done some initial testing with this in our lab configuration and found it to work quite well.
Steve