+ Post New Thread
Results 1 to 8 of 8
How do you do....it? Thread, Domain Name -> IP Address Help in Technical; We have a school .co.uk domain, which is hosted with an external hosting provider. At the moment we have: http://sub.domain.co.uk ...
  1. #1

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241

    Domain Name -> IP Address Help

    We have a school .co.uk domain, which is hosted with an external hosting provider. At the moment we have:

    http://sub.domain.co.uk set to redirect to https://IPAddress:Port/Folder

    So when the user browses to the domain, it just forwards them onto the IP of the server (which we host internally at school). I'm trying to get a certificate for this server, but it won't allow me to get a certificate for an IP address.

    I need to somehow link the domain to the IP (and rest of the address - it's not just an IP as you can tell, it's a port and a folder too) so I can install a certificate for it.

    Anybody got any ideas how I can achieve this?

  2. #2

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,859
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    182
    You cannot in your current setup, because DNS (quite rightly) doesn't know about ports, protocols or URIs - only names.

    You'll have to change your internal hosting to a standard port or live with having https://sub.domain.co.uk:Port as your address (why the port, anyway? this is what IANA's well-known ports are for).

  3. #3

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Quote Originally Posted by powdarrmonkey View Post
    You cannot in your current setup, because DNS (quite rightly) doesn't know about ports, protocols or URIs - only names.

    You'll have to change your internal hosting to a standard port or live with having https://sub.domain.co.uk:Port as your address (why the port, anyway? this is what IANA's well-known ports are for).
    Being an RM network, the default port for SSL of 443 is used for EasyLink - so we have to choose a different one for this (as we only have one outward facing IP address). Guess we can't have a trusted certificate for this then, and will just have to stick to using a self-signed

  4. #4

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,859
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    182
    Can your external provider host a reverse proxy for you over a self-signed certificate, then re-certify it to send to the destination?

  5. #5

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Quote Originally Posted by powdarrmonkey View Post
    Can your external provider host a reverse proxy for you over a self-signed certificate, then re-certify it to send to the destination?
    That's got to be the most confusing sentence I've read in my entire life!

  6. #6

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,859
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    182
    Quote Originally Posted by Hightower View Post
    That's got to be the most confusing sentence I've read in my entire life!


    Request -> external provider:443 -> your box:someport
    Response -> your box:someport -> external provider:443 -> destination

    where traffic between you and your provider is protected by a self-signed, and between them and the client over a properly-named one.

  7. #7

    webman's Avatar
    Join Date
    Nov 2005
    Location
    North East England
    Posts
    8,403
    Thank Post
    638
    Thanked 961 Times in 661 Posts
    Blog Entries
    2
    Rep Power
    319
    The way we plan on doing this is to have the SSL cert at our reverse proxy, running on 443, handling sub.domain.net. Directories of this subdomain will then be proxied to both Easylink and the other site.

    https://sub.domain.net/easylink -> internally: RM server running Easylink
    https://sub.domain.net/otherthing -> internally: web server

    In theory, it should work.

  8. #8

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Ok, got this working people!

    Created certificate (90 day trial from Comodo) for sub1.domain.co.uk. Installed this certificate on the server. Then went into CPanel where the domain name is hosted, and created a DNS (instead of the redirect I had in place) record for:

    sub1.domain.co.uk --> IPAddress

    So sub1.domain.co.uk can be browsed to, and the address actually stays as sub1.domain.co.uk instead of changing to the IP address. This means that the certificate actually matches the DNS records now for this server.

    Thing is, sub1.domain.co.uk:1590/folder is where we need to get to, so I created another sub domain called sub2.domain.co.uk which does a simple redirect to sub1.domain.co.uk:1590/insight

    Now the user just needs to enter sub2.domain.co.uk and it will get them to where they need to be, fully certified.

    Gonna be a pain updating the helpdesk call with this info - might just copy and paste what I said here lol

SHARE:
+ Post New Thread

Similar Threads

  1. Talk to a 192.168 address from a 10.0 address
    By mattx in forum Wireless Networks
    Replies: 10
    Last Post: 17th August 2010, 12:12 PM
  2. First 2008 R2 Domain controller in a 2003 domain
    By zag in forum Windows Server 2008 R2
    Replies: 6
    Last Post: 9th June 2010, 02:26 PM
  3. can parent domain users log into a sub domain
    By eastofsmeg in forum Wireless Networks
    Replies: 15
    Last Post: 27th January 2010, 03:04 PM
  4. IP Address change in AD Integrated domain
    By albertwt in forum Windows Server 2000/2003
    Replies: 5
    Last Post: 18th June 2009, 12:18 AM
  5. Replies: 3
    Last Post: 10th April 2007, 08:40 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •