Solved

Godaddy certificate help???

Posted on 2010-09-16
7
766 Views
Last Modified: 2012-05-10
Hi,

I have created a Go Daddy certificate and assigned it to Remote.CompanyName.Co.Uk.  However the autherization has failed with go daddy. some of the details dont match.  Go Daddy has sent a email explaining how we can create a cname with a special code (which they attached with the email) to prove we have control of the site.

These are the instructions go daddy sent us.  

Domain Zone Control Validation w/CNAME

1.      Access the DNS records for your domain name and create a "CNAME" (defined below) using the special code you received in your email.
2.      After you have created the CNAME using the special code, log into your account, and click on the pending request for your common name.  You will be presented with several options.  Click on the link “Domain Zone Control w/CNAME”.  If your CNAME entry is unable to be verified, you will be presented with an error, otherwise you will be taken back to the main certificate management page.  Please allow a few minutes for the status of your account to be updated.

What would we enter for our cname? lets say our special code was xxxx.   On our DNS control panel provided by our suppier we have "Origin", "Target", TTL?
0
Comment
Question by:resolver1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 12

Expert Comment

by:Chris Staunton
ID: 33691676
host1.mycompany.com.uk   CNAME   www.mycompany.com.uk
CNAME records are just a way for outside people to find the server that you're running your service on, the example above is one of the most common as many people have company hosted websites that are on a server in their network.

I'm sure your provider would be more then willing to help you setup a CNAME, just give them a ring.

Shooter
0
 

Author Comment

by:resolver1
ID: 33692048
my problem is im not sure what im suppose to be telling my hosting provider.  I dont understand what go daddy are asking me to do.  The hosting provider have 3 fields (below) to create Cnames, what should i tell them i want in those fields?

Fields are:

Origin
Target
TTL
0
 
LVL 12

Expert Comment

by:Chris Staunton
ID: 33692424
Origin = FQDN of machine that you're going to CNAME
Target = CNAME you wish to use for your Cert
TTL = Time To Live setting, this can be set at roughly 2 days, that way DNS servers will check for a change in DNS setting for that name every 2 days.  This is about the norm.  If you were planning on switching CNAMES all the time you would want to tweak that a bit more, common setting though is about 2 days.

Shooter
0
Increase Agility with Enabled Toolchains

Connect your existing build, deployment, management, monitoring, and collaboration platforms. From Puppet to Chef, HipChat to Slack, ServiceNow to JIRA, Splunk to New Relic and beyond, hand off data between systems to engage the right people.

Connect with xMatters.

 
LVL 9

Expert Comment

by:CLoz
ID: 33693831
First I think GoDaddy's instructions to you are if they are the ones hosting your DNS but from your input it doesn't look like they are.  
Second a CNAME will not resolve a FQDN mis-match between the certificate and host name being entered into the browser.  If the user is going to Remote.CompanyName.Co.Uk and the certificate is for Host1.CompanyName.Co.Uk  a CNAME will only help them resolve the IP address but the browser with still complain that the host name and certificate do not match.  CNAMEs do not redirect the users to the correct host name.
0
 
LVL 12

Expert Comment

by:Chris Staunton
ID: 33694320
There should be no mismatch as the website should have the host header information pointing to the CNAME and not the FQDN.
0
 
LVL 9

Expert Comment

by:CLoz
ID: 33695378
The CNAME target has no baring on the SSL Certificate.  The FQDN/Hostname in the URL needs to match the common name on the Certificate.  
So again.  If the user is pointing to Remote.CompanyName.Co.Uk and the certificate is for Host1.CompanyName.Co.Uk they will get a SSL warning.  Creating a CNAME record: 'Remote.CompanyName.Co.Uk CNAME Host1.CompanyName.Co.Uk' will not resolve the certificate warning generated by the application when it received the certificate from the server containing the common name Host1.CompanyName.Co.Uk , but the URL in the browser or application contains the FQDN: Remote.CompanyName.Co.Uk.
0
 

Accepted Solution

by:
resolver1 earned 0 total points
ID: 33732783
OK I resolved the issue with SSL authorization with Godaddy .  Godaddy wanted me to create a Cname (with the special code godaddy emailed) to prove I had control over the domain.  This is the cname i created:

Origin <Specialcode>.companyname.co.uk  Tartget: remote.companyname.co.uk.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
Imagine a situation that you have installed SSL (http://en.wikipedia.org/wiki/Secure_Sockets_Layer) Certificate on your Cisco ASA (Cisco Adaptive Security Appliance) firewall. Installation of SSL certificate on ASA is an another topic for which you …
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question