Solved

Godaddy certificate help???

Posted on 2010-09-16
7
763 Views
Last Modified: 2012-05-10
Hi,

I have created a Go Daddy certificate and assigned it to Remote.CompanyName.Co.Uk.  However the autherization has failed with go daddy. some of the details dont match.  Go Daddy has sent a email explaining how we can create a cname with a special code (which they attached with the email) to prove we have control of the site.

These are the instructions go daddy sent us.  

Domain Zone Control Validation w/CNAME

1.      Access the DNS records for your domain name and create a "CNAME" (defined below) using the special code you received in your email.
2.      After you have created the CNAME using the special code, log into your account, and click on the pending request for your common name.  You will be presented with several options.  Click on the link “Domain Zone Control w/CNAME”.  If your CNAME entry is unable to be verified, you will be presented with an error, otherwise you will be taken back to the main certificate management page.  Please allow a few minutes for the status of your account to be updated.

What would we enter for our cname? lets say our special code was xxxx.   On our DNS control panel provided by our suppier we have "Origin", "Target", TTL?
0
Comment
Question by:resolver1
  • 3
  • 2
  • 2
7 Comments
 
LVL 12

Expert Comment

by:Chris Staunton
ID: 33691676
host1.mycompany.com.uk   CNAME   www.mycompany.com.uk
CNAME records are just a way for outside people to find the server that you're running your service on, the example above is one of the most common as many people have company hosted websites that are on a server in their network.

I'm sure your provider would be more then willing to help you setup a CNAME, just give them a ring.

Shooter
0
 

Author Comment

by:resolver1
ID: 33692048
my problem is im not sure what im suppose to be telling my hosting provider.  I dont understand what go daddy are asking me to do.  The hosting provider have 3 fields (below) to create Cnames, what should i tell them i want in those fields?

Fields are:

Origin
Target
TTL
0
 
LVL 12

Expert Comment

by:Chris Staunton
ID: 33692424
Origin = FQDN of machine that you're going to CNAME
Target = CNAME you wish to use for your Cert
TTL = Time To Live setting, this can be set at roughly 2 days, that way DNS servers will check for a change in DNS setting for that name every 2 days.  This is about the norm.  If you were planning on switching CNAMES all the time you would want to tweak that a bit more, common setting though is about 2 days.

Shooter
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 9

Expert Comment

by:CLoz
ID: 33693831
First I think GoDaddy's instructions to you are if they are the ones hosting your DNS but from your input it doesn't look like they are.  
Second a CNAME will not resolve a FQDN mis-match between the certificate and host name being entered into the browser.  If the user is going to Remote.CompanyName.Co.Uk and the certificate is for Host1.CompanyName.Co.Uk  a CNAME will only help them resolve the IP address but the browser with still complain that the host name and certificate do not match.  CNAMEs do not redirect the users to the correct host name.
0
 
LVL 12

Expert Comment

by:Chris Staunton
ID: 33694320
There should be no mismatch as the website should have the host header information pointing to the CNAME and not the FQDN.
0
 
LVL 9

Expert Comment

by:CLoz
ID: 33695378
The CNAME target has no baring on the SSL Certificate.  The FQDN/Hostname in the URL needs to match the common name on the Certificate.  
So again.  If the user is pointing to Remote.CompanyName.Co.Uk and the certificate is for Host1.CompanyName.Co.Uk they will get a SSL warning.  Creating a CNAME record: 'Remote.CompanyName.Co.Uk CNAME Host1.CompanyName.Co.Uk' will not resolve the certificate warning generated by the application when it received the certificate from the server containing the common name Host1.CompanyName.Co.Uk , but the URL in the browser or application contains the FQDN: Remote.CompanyName.Co.Uk.
0
 

Accepted Solution

by:
resolver1 earned 0 total points
ID: 33732783
OK I resolved the issue with SSL authorization with Godaddy .  Godaddy wanted me to create a Cname (with the special code godaddy emailed) to prove I had control over the domain.  This is the cname i created:

Origin <Specialcode>.companyname.co.uk  Tartget: remote.companyname.co.uk.
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question