Tuesday, May 10, 2016

IIS 7 - Is including internal servers in an SSL certificate a problem?




We deploy a web application (Dynamics CRM) on a single IIS server which should be reachable from the internet.



The application is only accessible with HTTPS. Therefore we need an SSL certificate, because multiple hosts are used. The certificate will match *.contoso.com.



Internal access to the application also requires HTTPS. We need a certificate for crm.localdomain.local.



Because the SSL connection can only be terminated on the IIS website itself, and because of a restriction of Dynamics CRM which allows only a single HTTPS binding on the website, we have to cover this scenario with a single certificate.



Is the inclusion of internal names a problem?


Answer




I don't think it's even possible to use localdomain entries on non-self-signed SSLs.



However, one possible workaround for you: why not make the internal access available on internalcrm.contoso.com and do some internal DNS setup that points that domain to the internal CRM machine? Then it can be part of the wildcard SSL without any problem whatsoever.
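To check which of the hostnames discussed above a `*.contoso.com` certificate would actually cover, here is an added example that is not part of the original question or answer. The function names and the list of internal-only suffixes are assumptions made for illustration, and the hostnames beyond those on the page are constructed.

```python
# Added example: report which hostnames a certificate's DNS names cover.
# INTERNAL_SUFFIXES is a constructed, non-exhaustive list (assumption).
INTERNAL_SUFFIXES = (".local", ".localdomain", ".internal", ".lan")


def matches(pattern: str, host: str) -> bool:
    """Match a certificate DNS name against a host.

    A leading '*' stands for exactly one left-most label, so
    '*.contoso.com' covers 'crm.contoso.com' but neither 'contoso.com'
    nor 'a.b.contoso.com'.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        # Require at least two fixed labels after the wildcard.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def is_internal_name(host: str) -> bool:
    """True for single-label names and names under a non-public suffix."""
    host = host.lower().rstrip(".")
    return "." not in host or host.endswith(INTERNAL_SUFFIXES)


def coverage(cert_names, hosts):
    """Classify each host against the certificate's DNS names."""
    report = {}
    for host in hosts:
        if any(matches(name, host) for name in cert_names):
            report[host] = "covered"
        elif is_internal_name(host):
            report[host] = "internal-only name, not covered"
        else:
            report[host] = "not covered"
    return report


if __name__ == "__main__":
    cert = ["*.contoso.com"]
    # Hostnames from the question and answer, plus two constructed edge cases.
    hosts = ["crm.contoso.com", "internalcrm.contoso.com",
             "crm.localdomain.local", "contoso.com", "a.b.contoso.com"]
    for host, status in coverage(cert, hosts).items():
        print(f"{host:28} {status}")
```

Running it shows that the internal name from the question falls outside the wildcard, while the `internalcrm.contoso.com` name proposed in the answer is covered once internal DNS resolves it to the CRM server.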

