Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

SSL Cert on internal Ebusiness server behind sonicwall

Posted on 2014-03-06
1
Medium Priority
?
589 Views
Last Modified: 2014-03-07
We have a Server 2008 server behind a firewall with port forwarding (80, 8080, and 443). We are running an E-business site that is intended to go Live in a few days. We ahve purchased an SSL cert from GoDaddy.

In setting up the Cert for E-biz, should the WAN address of the sonicwall be the A record for the Ebusiness site, and the certificate installed there?

Should a self-assigned certificate be installed on the server?
Should the server and sonicwall be members of the domain "example-ebiz.com"
there are no internal DNS servers for this host.
Should I install DNS on this host server and register with the ".com" domain hosted by Godaddy?

I am somewhat familiar, I just dont want to mess this up.
Thank you for your time and Knowledge.
0
Comment
Question by:chrismaksimik
1 Comment
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 2000 total points
ID: 39912569
<<In setting up the Cert for E-biz, should the WAN address of the sonicwall be the A record for the Ebusiness site, and the certificate installed there?>>

The WAN address of the Sonicwall would be the address you'd use for the A record for the server.  So, if the host name of the server is "ebiz.domain.com," you'd create an A record for the server "ebiz" in the domain.com DNS zone, and assign the Sonicwall's IP address to that host.

The SSL certificate gets installed on the host machine, not the Sonicwall firewall.

<<Should a self-assigned certificate be installed on the server?>>

Not unless you are going to have internal users logging on to that server using SSL and using a different (i.e., local) domain name.

<<Should the server and sonicwall be members of the domain "example-ebiz.com"?>>

The server needs to be a member of the public domain, because the name on the SSL certificate has to match the name of the server or your users will get a warning message that the certificate and the server name don't match.  The Sonicwall doesn't have to be a member of the domain.  All the Sonicwall cares about is the routing of IP addresses, so it has to have a route to the internal IP address of that server.

<<Should I install DNS on this host server and register with the ".com" domain hosted by Godaddy?>>

I'm pretty sure that all you'd need to do is make the internal server a member of the domain and point your internal host's NIC to the GoDaddy DNS server(s).  However, this is something I've never dealt with, so you may want to check this with GoDaddy or perhaps someone else can answer this portion of your question with more certainty.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question