How_setup_temporary_domainname

I am migrating two windows 2008 VMs (crystal server) and two RHEL 5.8 VMs (oracle servers)
from current production server to a new larger physical server.

They assigned temp IPs for the migrated machines until testing is completed.

The issue is that I need to test web applications on the new machines
and I cant migrate the current domain name and SSL certificate to the new ones.

1) Do you know how can I set a temporary test domain and set it up in DNS for testing?
Do I need to buy SSL certificates and domain for testing?

2) Would I be able to migrate the current production SSL certificates and domain name
to new machines when we go live or I need to create a new CSR on new machine and resend to certificate authority for regeneration? the machine names are different from old to new machine.
sam15Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
Use the etc/hosts files to change the IP associated with the hostnames


New_ip www.mysite.com

This will direct your browser to access the new_ip when you access www.mysite.com

This deals with maintaing the same names/references on the test server, or you could add a test. And point them to the new iOS, and add the test to the various handlers, iis host, oracle app ....

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sam15Author Commented:
But does not this redirect production users to new test server too (I don't want that yet)?

I want to spend several weeks testing the new machine to verify it everything runs fine but I need temp domain name and ssl ceritifcate since we use HTTPS.

If I change the hosts file on my windows 7 desktop machine, would it ignore the DNS entries for current production machine and go to new server? so the DNS will have

CURRENT_PROD_IP www.mysite.com (prod server)

The local hosts windows file

TEMP_TEST_IP  www.mysite.com (New server)
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
For your two Linux instances...

There are two primary ways SSL is handled on temporary/migrating hostnames.

1) If you're running a CMS which lends itself to running like this, you just rename your test site to...

test.foo.com + in the case of WordPress, run wp-cli to rename all instance of foo.com to test.foo.com in the database.

2) More complex, is custom code + other CMS code which is poorly written... or written by novice developers who failed to code for this situation. (A seasoned developer will always code to support simple migrations + traffic scaling.)

Here's the 100% foolproof way I do this when I have to migrate non-WordPress code for a client or just setup a custom code dev site.

a) Create an LXD container for dev/test/staging site.

b) Setup dnsmasq to run inside container + remove all other DNS tech, like named + systemd-resolved, so you know dnsmasq is handling 100% of all DNS resolution.

c) In dnsmasq, setup an lookup for foo.com + www.foo.com to resolve to the public LXD container IP.

d) copy over your SSL certs from your production machine.

e) setup your LAMP Stack config to match your production site.

f) anyone accessing this dev site will add an /etc/hosts entry for foo.com + www.foo.com to match the public LXD container IP.

At this point, your SSL will work + all intra-site references will be routed to dev site by dnsmasq, rather than leaking to production site.

This type of setup has become so common for me, it's second nature now.

Using this type of config allows sites to be referenced by their normal domain name + have SSL working + with no code changes.

Perfect for sites coded with no support of migration sequences.
Check Out How Miercom Evaluates Wi-Fi Security!

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom on how WatchGuard's Wi-Fi security stacks up against the competition plus a LIVE demo!

arnoldCommented:
The change on your local machine will only affect users logged in on it accessing that URL.
It will be limited to this one workstation.
You can always comment out (#) the line when done with testing for the day.
sam15Author Commented:
I am not sure what CMS, LXD are and we don't use LAMP or wordpress.

I only need a TEST DOMAIN NAME for the oracle apache web server. Database machine is accessed using web server using client/server connection.

Let us my current production machine has domain name "www.xyz.com" with IP address 192.01.111.111.
The new web server machine has no domain now. IT has IP address 192.01.222.222.

1) Can I setup in my local test workstation host file for testing purposes "www.xyz.com" and 192.01.222.222. Would this work?
2) Can I really copy the SSL certificate files from old machine to new machine? I thought the CSR normally includes machine name or domain name or something specific for the machine?
arnoldCommented:
LAMP - Linux Apache MySQL PHP
LXD are containers to run application/system as an alternative to VM without the Overhead resource cost.
CMS Content Management System drupal, joomla, wordpress

On the workstation from which you will be testing the new environment, adding the new IP and the hostname in the hosts file as I outlined will let you from that workstation only to access the test environment.

The new System where you have copied setup

Lets start from the beginning what is it you are trying to do?
Are you trying to setup a test environment to match your current production. In this case you can use your workstation with virtualbox or VMWARE and setup a guest system onto which you will build t.......

You can export the certificate into a PFX/pcks12 with the private key and the imported on the new machine.
sam15Author Commented:
I am migrating an old production physical machine to a new physical machine. It runs VMware so we have Linux and windows VMs running on it.

We are copying the VMs for windows but reinstalling RHEL and oracle servers on Linux.

SO I need to test applications on those new machine to see how they run before doing final production migration.

Are you saying I can test using same domain name by adding the new machine IP to the local host file on test machine and export the SSL certificate and import it on new machine? Cant you do a certificate file copy for certificate/. I am not sure this will work as the CSR might be different of it includes hostname.
arnoldCommented:
Yes, the new system will have new IPs unless you plan on reusing the same IPs from the systems in production on the new one that will replace them.

IMHO, it is better to transition using new IPS new Hostname, and have DNS and Firewall distribute the requests once the new machines go in production in the interim for testing, the configuration on the new machines can be to include the system's hostname in the references if multiple bindings are permitted.
if you are doing an end to end test, the hosts files on the test machine should include references to the hostnames on which they rely
i..e. to avoid the application server hitting the production sql server, the hosts file on the application server should include the IP of the new database server.

The complexity depends on your setup and what we are talking about.

Commonly it is simple for webservers as they often go by www.yourdomain.com
potentially an application server for flexibility sake would not use the servername.yourdomain.com but might use application.yourdomain.com that can be controlled through DNS entry updates....

At times, a small typo left over from a testing phase using test names, when placed in production a small ......

Depending on your environment, and options, settings the LAB like where all the requisite components are on the same isolated segment where there is a system from which you can test..

Exporting the ceriticate with private key, (password protect) will let you import the pair on the new system.

You are not changing the access, as noted above the presumption that you have a reference that is not servername based but is unique/flexible and exists only in DNS and points to an IP that corresponds to the hostname/servername of the node.... (virtual or physical)
sam15Author Commented:
yes, I plan to use new IPs temporarily for testing purposes only. After testing is completed, we plan to reuse current productions IPs for new servers. Reason for that we have so many firewall rules locally and remotely at customer site based on these IPs

I am going to test the edit for hosts file to run same domain on new machine.

do you know what to use for export/import of ssl certificates for Linux and windows servers?
PberSolutions ArchitectCommented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Split:
-- arnold (https:#a42393626)
-- David Favor (https:#a42394149)
-- arnold (https:#a42398997)


If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

Pber
Experts-Exchange Cleanup Volunteer
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Applications

From novice to tech pro — start learning today.