MOSS and SSL

I have the following MOSS server configuration:

1.  Primary site (Windows authentication) - access using  www.mydomain.com
2.  Extended site (uses forms authentications)  - access using
extranet.mydomain.com
3.  Mysite -  access using mysite.mydomain.com
4.  .NET applications (not MOSS related) - apps.mydomain.com

I know need to expose these 4 sites to the Internet and therefore wish to
secure the data being transfered with SSL.

I have had very little experience with SSL so I have a few questions:
1.  Do we need multiple SSL certificates or can 1 certificate cover the 4
subdomains?
2.  Do I just install the certificate into the IIS sites or do I also need
to make configuration changes in MOSS?    Specific steps would be helpful.
3.  Is there a way to force SSL connections for those who choose to access
from the Internet yet allow non-ssl connections for those who are connecting
from the LAN?   (btw:  server has 1 NIC and 1 Internal (LAN) IP address
currently;  I am not sure if I could get the company to install a 2nd NIC or
assign another IP to this box).

MOSS and SSL

See inline........

Regards

John Timney (MVP)
http://www.johntimney.com
http://www.johntimney.com/blog



Normally you would choose multiple certs and multiple nics to each unique
domain/subdomain name, but you can use whats called a wildcard certificate -
but they are usually very expensive!

2.  Do I just install the certificate into the IIS sites or do I also need

You install to IIS, there are settings in central administration where you
may set a use SSL option.


Yes, if you use something like ISA Server - you should ideally architect to
extend your secured app(s) to a designated DMZ for intranet access and keep
the rest of your intranet secured