2 SSL sites or 1?

I have an industry specific, closed source shopping cart running on Windows 2003/MS SQL/IIS with SSL. I am going to switch the main site to a CMS with it's own cart which I want to use for my non-US customers. My issue is that I understand SSL certs can only be for one secure site, even though you can have other non-ssl sites on the server. If I run the CMS on this server, is the cart portion going to be considered a 'separate' site from my existing cart? I don't see how I can put only the secure portion of the CMS under the same SSL (and subdomain) as the existing shopping cart. But I don't claim to know how this works, hence the question. The other option is to put the CMS on another machine with it's own SSL cert, but I'd rather consolidate on one machine if possible. thx.

 

I think you're right. Thank you. I just found out there are some issues with running this cms on ms sql, so I may not want to bother with that issue and this one, but.....
The CMS would be in it's own folder. The existing cart is in it's own folder. Can I make the cms cart come up under the existing ssl subdomain? (i.e., without adding another IP and ssl cert ...and, I guess, another ssl subdomain). Can I do that without putting the whole cms behind the ssl? How? If the additional ip / ssl cert / subdomain is the best way to go, fine. I just want to understand my options. thx

 

The vast majority of my web development is on intranets and I've done relatively little with SSL.

However, I believe the SSL certificate is assigned to the domain. Therefore, if you host the new application within a sub-section of the domain, then you can use the same SSL certificate with the new application.

So say your current application uses the root domain www.mysite.com, then you can host your new application (lets call it 'thing') in a sub-folder of that site:

www.mysite.com/thing

If you new application is at this address, it can use the same SSL certificate as the current one.

You do not have to put the application in a physical subfolder of the current application to achieve this. You can use virtual directories in IIS to map the new application to the new URL. Create a new virtual directory, call it 'thing' and map the new application to the new Virtual directory.

You can do the same sort of thing with Apache using virtual hosts with the same root URL but different subfolder URLs.

If you need to use a different domain, you'll need another SSL certificate I believe.

 

Thank you. I will pursue this option.