?
Solved

SSL Cert on internal Ebusiness server behind sonicwall

Posted on 2014-03-06
1
Medium Priority
?
579 Views
Last Modified: 2014-03-07
We have a Server 2008 server behind a firewall with port forwarding (80, 8080, and 443). We are running an E-business site that is intended to go Live in a few days. We ahve purchased an SSL cert from GoDaddy.

In setting up the Cert for E-biz, should the WAN address of the sonicwall be the A record for the Ebusiness site, and the certificate installed there?

Should a self-assigned certificate be installed on the server?
Should the server and sonicwall be members of the domain "example-ebiz.com"
there are no internal DNS servers for this host.
Should I install DNS on this host server and register with the ".com" domain hosted by Godaddy?

I am somewhat familiar, I just dont want to mess this up.
Thank you for your time and Knowledge.
0
Comment
Question by:chrismaksimik
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 2000 total points
ID: 39912569
<<In setting up the Cert for E-biz, should the WAN address of the sonicwall be the A record for the Ebusiness site, and the certificate installed there?>>

The WAN address of the Sonicwall would be the address you'd use for the A record for the server.  So, if the host name of the server is "ebiz.domain.com," you'd create an A record for the server "ebiz" in the domain.com DNS zone, and assign the Sonicwall's IP address to that host.

The SSL certificate gets installed on the host machine, not the Sonicwall firewall.

<<Should a self-assigned certificate be installed on the server?>>

Not unless you are going to have internal users logging on to that server using SSL and using a different (i.e., local) domain name.

<<Should the server and sonicwall be members of the domain "example-ebiz.com"?>>

The server needs to be a member of the public domain, because the name on the SSL certificate has to match the name of the server or your users will get a warning message that the certificate and the server name don't match.  The Sonicwall doesn't have to be a member of the domain.  All the Sonicwall cares about is the routing of IP addresses, so it has to have a route to the internal IP address of that server.

<<Should I install DNS on this host server and register with the ".com" domain hosted by Godaddy?>>

I'm pretty sure that all you'd need to do is make the internal server a member of the domain and point your internal host's NIC to the GoDaddy DNS server(s).  However, this is something I've never dealt with, so you may want to check this with GoDaddy or perhaps someone else can answer this portion of your question with more certainty.
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question