Asked by GoStream

Obtain a trusted certificate

Hi,

I am trying to set up an encrypted connection between a
  • MS SQL server running on Windows 2008R2
  • Amazon Web Server running NGINX

but I have hit some roadblocks.

I have found that the SQL service will not start unless the certificate in use has been issued to the name of the server, which is unfortunate as the server FQDN is a .local domain, i.e. there is no option to obtain a trusted certificate that would contain a .local FQDN name as well. The only way to issue such a certificate is a local CA, but then such a certificate wouldn’t be trusted externally.

On a Windows-based server, there are ways to “hack” the system to get it to work (add the FQDN of the local server name with the public IP address, so that the server name can be resolved; add the local CA certificate to the trusted CAs list on the web server, so that it trusts the certificates issued by it). But unfortunately, I am not sure if we have such options in AWS.

I was wondering if anyone has ever faced such a scenario, and if you found any way to make it work?

ASKER CERTIFIED SOLUTION
Peter Hutchison
This solution is only available to members.

ASKER

Hi Peter,

Thanks for your reply. I am going to try this and get back with the results.