dev_meddiff
asked on
HTTPS configuration for simultaneous access over LAN and Internet.
How to configure SSL/HTTPS for LAN as well as Public IP without showing certificate error?
Web server: Apache 2.2.22
Web server: Apache 2.2.22
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Alternatively:
1) If your website server and office LAN share the same gateway (router) to the outside world, and it supports a hairpin NAT rule you could simply add a rule to permit bodies on the LAN to use the external hostname e.g. http://wiki.mikrotik.com/wiki/Hairpin_NAT
2) Depending on how you handle the http <-> https redirection, obtain a second signed SSL certificate for the internal name, and add a new name based Virtual Host definition to your apache httpd.conf, and include the new certificate.
1) If your website server and office LAN share the same gateway (router) to the outside world, and it supports a hairpin NAT rule you could simply add a rule to permit bodies on the LAN to use the external hostname e.g. http://wiki.mikrotik.com/wiki/Hairpin_NAT
2) Depending on how you handle the http <-> https redirection, obtain a second signed SSL certificate for the internal name, and add a new name based Virtual Host definition to your apache httpd.conf, and include the new certificate.
First, make sure you have a signed certificate from a trusted authority with the FQDN.
In DNS, create a new forward lookup zone with the exact FQDN of your server (internet facing just like your certificate).
Then create an a record, level the hostname blank, and enter the internal IP address of the server.
Now when you access the server, use the FQDN on the LAN or the WAN. Since the certificate will match the web address, no certificate error!
Thanks,
S.