
AD FS with public domain name SSL certificate on private domain

erik_r asked on
Hello.  My Active Directory domain name is  My email domain is which is used with O365 and a public facing website.

I'm setting up AD FS (at the moment NOT for O365) and purchased a wildcard SSL cert for *  My mind kind of went blank on this one since I see the email (public) domain on a daily basis.

Now, the name of my AD FS farm is  I would like to use this name and it auto-populated because the SSL cert I installed on this server is *

The name of the server running AD FS is  I read that a CNAME record should be created for to point to  Is this correct?  If so, how would you deal with adding more than one AD FS server to the farm?

I don't know how to make work for internal users in the DNS forward lookup zone for  Now, I can create another forward lookup zone named (the subdomain name of adfs in front of should alleviate any DNS issues with internal users browsing to websites and such) and create a host entry to  It won't let me create a CNAME record to another forward lookup zone.

At the moment I'm only concerned with internal name resolution.

Either I am overcomplicating this or my approach is way off base and too simple.

Thank you.