Solved

Self Signed Certificate SBS 2003 with multiple names

Posted on 2011-02-16
4
957 Views
Last Modified: 2012-05-11
IS it possible to have a self signed certificate with multiple name?  I bought a cert yrs ago from geo trust for sbs that allowed multiple friendly names so I could go to https://www.whatever.com   as well as https://lanserver  and not get the red bar.  Since that cert expired I have been using a self signed one, but I am unsure how to make it work for both public and local sites since they are the same site.  Right now I get the red bar because the local name doesn't match the name on the cert.  How can I fix this?  I am also using ISA 2004 so I assume I would need to add this cert to the "web listener" as well.  

I guess at the end of the day I could use the public domain name on the local network.  I just know my old cert worked so i know there is a way to make this work.  If it is going to cost I will just deal with more typing.  Just most of the SBS programs etc setup to use the local server name.  Just thought it would make life easier.
0
Comment
Question by:squashie8
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 5

Accepted Solution

by:
lscarbor earned 250 total points
ID: 34916076
My understanding is that it is very difficult if not impossible in SBS 2003 to get one set up. In 2008 you can use power shell and get it done.
I've seen it done with DNS using an internal forward domain matching the external domain so that server.domain.xxx points to the ip of the internal unit. The red bar still popped up here and there because the server wasn't actually named the same as the cert request.

This isn't a bad alternative:
You can currently get a GoDaddy cert for $13. The correct type will allow multiples.  
http://www.godaddy.com/Compare/gdcompare_ssl.aspx?isc=sslqgo001a

That offer has been around one way or another for several years now if you search for coupon ssl godaddy

I'm sure there are other alternatives as well.
0
 

Author Comment

by:squashie8
ID: 34922779
I will accept your solution because I may actually go that route; However, I did find some information in a Microsoft KB.  I will post it in case it helps someone.  Since I have the certificate authority alreayd installed I may give this a shot.

http://support.microsoft.com/kb/931351 
0
 

Author Closing Comment

by:squashie8
ID: 34922787
The accepted solution was an alternative to what I wanted to do and I actually found some information that may give me the solution
0
 

Author Comment

by:squashie8
ID: 34923009
Ok just finished folloing the directions and installed the certificate on my ISA server and webserver.  Works like a champ!  Hope it helps others.
0

Featured Post

Business Impact of IT Communications

What are the business impacts of how well businesses communicate during an IT incident? Targeting, speed, and transparency all matter. Find out more in this infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question