Using wildcard certificates

Applies To: Forefront Threat Management Gateway (TMG)

When you use Forefront TMG to securely publish multiple Web sites with different host names, you can use multiple SSL server certificates with different names in a single Web listener for the SSL handshake with Web clients. However, when multiple SSL server certificates are specified in a single Web listener, you must assign each certificate to a different IP address on the Forefront TMG computer. Alternatively, you can securely publish multiple Web sites with different host names by using a single Web listener if you specify a wildcard certificate in the Web listener.

Similarly, when you publish multiple Web sites with different host names on the same Web server, you can install a wildcard certificate on the Web server that can be used to prove the identity of the Web server to the Forefront TMG computer.

The following topics provide instructions for using wildcard certificates.

Concepts

Publishing Web servers over HTTPS