cnl83
asked on
Installing SSL on my RDP server
I need to install an SSL certificate on my RDP server, however it seems like its needs a domain associated with it. I have no domain except my local domain. I assume I would just be using my WAN IP.
Mydomain.local
1) Is the lack of a domain name pointing to my server going to cause issues for me.
2) Do I just purchase a ticket from Godaddy and that will encrypt my RDP server?
Mydomain.local
1) Is the lack of a domain name pointing to my server going to cause issues for me.
2) Do I just purchase a ticket from Godaddy and that will encrypt my RDP server?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I don't want any kind of web traffic. I don't want to setup a web server or anything like that.
If I understand correctly you want to make your server accessible to external connections using its IP address and for this to be secured by a SSL certificate. In order to do this you would need your IP address available externally and to accept traffic from the web on port 3389. This doesn't require the setting up of a web server. However, to configure an SSL certificate on your server (either installed on your firewall if using something like TMG, or on a Terminal Services Gateway), your external IP address will need to resolve to a domain name. That doesn't mean that you have to run a website, publish any content on port 80, or receive any kind of web traffic (other than the RDP traffic), just that the domain name will resolve to your external IP and thus allow you to purchase a certificate as per your requirement.
ASKER
I have a SONICWALL firewall. Your saying I can install the ssl there?
I'm not familiar with Sonicwall firewalls but I believe you can, yes.
You would want to install the SSL on the machine that is being connected to (the RDP server), regardless of how you get there. Installing it on the firewall itself will not help secure the connection to the RDP server.
ASKER
GEOSTRUST doesnt support internal domain names.
geotust.jpg
geotust.jpg
ASKER
Ok, so I tried verisign's trial certificate but the configuration issue with a real domain seems to come up, so my first fear is confirmed. That took me down rabbit holes that go to far.
That is why I advised you that you will need a domain name. That doesn't mean you need a web server or to accommodate lots of web traffic.
2. Not all providers will provide certificates for .local domain's. In the past I have purchased certs for local domains through www.digicert.com and networksolutions.com I don't know if Godaddy will provide SSL certs for .local domains since they are unable to verify that they exist or that you own it.