JoshuaThompson
Technical User
According to this, Microsoft requires that the name of the certificate match the FQDN of the server for LDAP over SSL with a third party.
The FQDN of my Domain Controller is servername.domain.local. After 11/1/2015 GoDaddy will no longer allow non fully qualified domain names to be used as cert names. I am attempting to address this issue now.
I have the cert installed for servername.domain.com on the DC in Certificates (Local Computer) > Personal > Certificates. I have external DNS in place so that servername.domain.com resolves to the public IP of my firewall. I have my Firewall redirecting traffic from port 636 from specific IPs (my third party) to my internal DC. However, when I test it using some simple SSL Checker services I am told "No certificate found". The server has been rebooted after the cert was installed. Performing an IPCONFIG /ALL on the DC shows the Host is servername and the Primary DNS suffix is domain.local. Hence the FQDN is servername.domain.local.
What can I do to get my Domain Controller FQDN to be servername.domain.com? Can this be as simple as adding a DNS suffix for domain.com? Or is this going to take a major rework of my AD structure?
Any advice is appreciated.
Thanks,
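
A check for the name-matching requirement described in the post above, as an added example that is not part of the original post: it compares the DC's FQDN (host name plus primary DNS suffix) with the names in each certificate in Certificates (Local Computer) > Personal. It assumes PowerShell 4.0 or later on the DC; the private-key, Server Authentication and validity columns are further checks from Microsoft's documented LDAPS certificate requirements, not from the post.

```powershell
# Added example (not from the original post). Run on the domain controller.
# Assumes PowerShell 4.0+: DnsNameList and EnhancedKeyUsageList are properties
# that its certificate provider adds to each certificate object.

# Build the FQDN the way IPCONFIG /ALL reports it: host name + primary DNS suffix.
$ip   = [System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties()
$fqdn = if ($ip.DomainName) { "$($ip.HostName).$($ip.DomainName)" } else { $ip.HostName }
"DC FQDN: $fqdn"

$serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU
$now = Get-Date

Get-ChildItem -Path Cert:\LocalMachine\My | ForEach-Object {
    # DNS names from the SAN extension, or from the subject when there is no SAN.
    $names = @($_.DnsNameList | ForEach-Object { $_.Unicode })
    # EKU OIDs; a certificate with no EKU extension shows False in ServerAuthEku.
    $ekus  = @($_.EnhancedKeyUsageList | ForEach-Object { $_.ObjectId })

    [pscustomobject]@{
        Thumbprint    = $_.Thumbprint
        CertNames     = $names -join ', '
        MatchesFqdn   = $names -contains $fqdn      # -contains is case-insensitive
        HasPrivateKey = $_.HasPrivateKey
        ServerAuthEku = $ekus -contains $serverAuthOid
        InValidity    = ($_.NotBefore -le $now) -and ($now -le $_.NotAfter)
    }
} | Format-Table -AutoSize
```

With the setup described in the post (certificate for servername.domain.com, FQDN servername.domain.local), MatchesFqdn would show False for that certificate.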