Solved

SSL Cert on internal Ebusiness server behind sonicwall

Posted on 2014-03-06
1
561 Views
Last Modified: 2014-03-07
We have a Server 2008 server behind a firewall with port forwarding (80, 8080, and 443). We are running an E-business site that is intended to go Live in a few days. We ahve purchased an SSL cert from GoDaddy.

In setting up the Cert for E-biz, should the WAN address of the sonicwall be the A record for the Ebusiness site, and the certificate installed there?

Should a self-assigned certificate be installed on the server?
Should the server and sonicwall be members of the domain "example-ebiz.com"
there are no internal DNS servers for this host.
Should I install DNS on this host server and register with the ".com" domain hosted by Godaddy?

I am somewhat familiar, I just dont want to mess this up.
Thank you for your time and Knowledge.
0
Comment
Question by:chrismaksimik
1 Comment
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 500 total points
ID: 39912569
<<In setting up the Cert for E-biz, should the WAN address of the sonicwall be the A record for the Ebusiness site, and the certificate installed there?>>

The WAN address of the Sonicwall would be the address you'd use for the A record for the server.  So, if the host name of the server is "ebiz.domain.com," you'd create an A record for the server "ebiz" in the domain.com DNS zone, and assign the Sonicwall's IP address to that host.

The SSL certificate gets installed on the host machine, not the Sonicwall firewall.

<<Should a self-assigned certificate be installed on the server?>>

Not unless you are going to have internal users logging on to that server using SSL and using a different (i.e., local) domain name.

<<Should the server and sonicwall be members of the domain "example-ebiz.com"?>>

The server needs to be a member of the public domain, because the name on the SSL certificate has to match the name of the server or your users will get a warning message that the certificate and the server name don't match.  The Sonicwall doesn't have to be a member of the domain.  All the Sonicwall cares about is the routing of IP addresses, so it has to have a route to the internal IP address of that server.

<<Should I install DNS on this host server and register with the ".com" domain hosted by Godaddy?>>

I'm pretty sure that all you'd need to do is make the internal server a member of the domain and point your internal host's NIC to the GoDaddy DNS server(s).  However, this is something I've never dealt with, so you may want to check this with GoDaddy or perhaps someone else can answer this portion of your question with more certainty.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine a situation that you have installed SSL (http://en.wikipedia.org/wiki/Secure_Sockets_Layer) Certificate on your Cisco ASA (Cisco Adaptive Security Appliance) firewall. Installation of SSL certificate on ASA is an another topic for which you …
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now