Rob Rudloff

asked on

SSL cert for AD intranet without domain name?

Hi. I'm new to SSL & web development, so here's my situation/question:

We have IIS set up on an internal Active Directory domain called "mybiz.local" where we have many Windows Servers (IIS7 hosting intranet apps, SQL, fileservers, etc.). Applications on these servers can get out to the Internet. We have a firewall appliance in place.

Our website "mybiz.com" is hosted on Bluehost, and that website is completely separate from the internal servers at mybiz.local -- mybiz.com is just a few webpages with no data or connectivity to our actual company servers.

We are going to put a .NET application on the mybiz.local IIS server.  This app will send and receive credit card transactions to third-party credit card processor "FirstData".   FirstData requires we have an SSL cert.

My assumption: Since the SSL cert is for a server with no real web address, will that work?  I mean, our IIS server has an internal address (10.9.8.7), and our location has a fixed Internet IP (72.72.72.72) but no registered domain name points to that IP.

Is there an SSL cert that works in this instance?
Do I need to register another domain name to point to our "internal network"? Or perhaps point a subdomain like "myiis.mybiz.com" to our IP & internal IIS server?

Thanks.
(note: all names and IP addresses have been changed to protect the innocent)
SOLUTION
Paul MacDonald
ASKER CERTIFIED SOLUTION

ASKER

I am assuming that after we send some data to FirstData, they will send back a reply with a Credit Card approval code, transaction number, etc.    So, when we send our credit card data, is an SSL cert being sent along too, or a pointer/reference to our SSL cert?    

I understand that SSL-secured data is sent through Port 443, and that data is using the SSL protocol.   So, if I have port 443 open in my firewall, does that port need to point/forward to a specific "certificate server" or something?  

I believe we use port 443 for our SSL VPN, but I believe we have a "self-issued cert" for our VPN ... I am pretty sure we can change the VPN to use some other port, if need be.
SOLUTION
Thanks.  That points me in the right direction with all this.  I will try to post a description of what is ultimately put in place for us.