+ Post New Thread
Results 1 to 5 of 5
Windows Server 2000/2003 Thread, SSL certificate internal/external problem... in Technical; Before I start, I admit I'm no server expert, but I was pretty pleased that I managed to installed a ...
  1. #1

    Join Date
    Feb 2009
    Location
    Bucks
    Posts
    21
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Unhappy SSL certificate internal/external problem...

    Before I start, I admit I'm no server expert, but I was pretty pleased that I managed to installed a new SSL cert on my server (courtesy of IPSCA - thanks for the hint) mainly for Outlook OWA. This fixed the SSL warning when accessing email from outside the school, but it's still complaining if the email is accessed from inside the school.

    I guess this is not surprising really as the internal server name doesn't match the external url inside the certificate. My question is how do I fix this as I can't see how to add another certificate to IIS ? Any help appreciated.

  2. #2

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,817
    Thank Post
    272
    Thanked 1,138 Times in 1,034 Posts
    Rep Power
    350
    Quote Originally Posted by Vstar View Post
    Before I start, I admit I'm no server expert, but I was pretty pleased that I managed to installed a new SSL cert on my server (courtesy of IPSCA - thanks for the hint) mainly for Outlook OWA. This fixed the SSL warning when accessing email from outside the school, but it's still complaining if the email is accessed from inside the school.

    I guess this is not surprising really as the internal server name doesn't match the external url inside the certificate. My question is how do I fix this as I can't see how to add another certificate to IIS ? Any help appreciated.
    Create an internal DNS entry pointing to the sub/domain name that the server name resolves to. Or if you are on an LEA wan they are normally able to setup an internal DNS entry to the wan for you to resolve to that address and have the external address point to the external Ip address.

  3. #3

    Join Date
    Feb 2009
    Location
    Bucks
    Posts
    21
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0
    glennda,

    My googling has failed me, as has adding random zones and A names to DNS management console. I've ended up with added a new zone under the forward lookup zones with the external FQDN and the ip address of the server, that didn't work, so I thought I may need a reverse lookup zone too, there's already one there for the subnet the server (and most of the clients) sits in, so I added a PTR. None of this has made any change.
    Any ideas or screen shots?

  4. #4

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,678
    Thank Post
    861
    Thanked 650 Times in 431 Posts
    Rep Power
    499
    Have you got Subject Alternative Names setup correctly for both the external address and you internal addresse?

    our SSL for https://mail.moorsidehigh.com/owa has the following SAN's configured

    DNS Name=<int>
    DNS Name=<int>.moorsidehigh.com
    DNS Name=autodiscover.moorsidehigh.com
    DNS Name=mail.moorsidehigh.com

  5. #5

    Join Date
    Feb 2009
    Location
    Bucks
    Posts
    21
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Where do you set the SANs up? I can't see anywhere in the DNS Management console (server 2003).

SHARE:
+ Post New Thread

Similar Threads

  1. SSL Certificate
    By PRicho in forum How do you do....it?
    Replies: 39
    Last Post: 22nd January 2009, 12:46 PM
  2. Exchange 2007 SSL - internal problem
    By burgemaster in forum Windows
    Replies: 3
    Last Post: 8th May 2008, 09:57 AM
  3. Generating SSL self signed certificate
    By mactech03 in forum Mac
    Replies: 1
    Last Post: 18th April 2008, 03:46 PM
  4. Affordable SSL certificate
    By meastaugh1 in forum Recommended Suppliers
    Replies: 6
    Last Post: 17th December 2006, 04:27 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •