Question : SSL Certificate and Alias

We have a Windows 2008 server (and IIS 7.0) that has an alias, and I'm wondering how an SSL will work on this...From what it looks like, I must request the SSL with the FQDN, so if ther server's FQDN is Gollum1.company.com but the alias for the server is just Gollum, what would I need to do to make sure this worked? I assume that I must still use Gollum1.company.com in the Common name, but how can I ensure that when people just type Gollum in their address bar they don't get a certificate error?

Answer : SSL Certificate and Alias

travis87, That wouldn't work, unless it was access as a non-ssl URL (http) and then forwarded to the ssl URL (https).  What the user/application enters as the URL for the domain name must match the certificate's subject (or subject alternative name / SAN).

TechInTheWoods, yes.  You can issue the cert to any name (and/or IP address, actually) you wish that is valid for the server and add the rest that you need it to respond to in the SAN list (presuming your company owns the domains listed, which they certify as part of their issuance process, hence "certification authority").  Depending on which commercial CA you use, many of them will even let you enter 'gollum' as another entry on the SAN list to use the internal alias, however this would not work with a wildcard (as the .domain.com is missing).   Internal hostnames is where some CAs will vary since internal names and IP addresses cannot be validated the same way a registered domain is to prove legitimacy.  If you want to try to do this and godaddy gives you problems, try comodo.
Random Solutions  
 
programming4us programming4us