SSL for the Internet with Enterprise Root CA?
From: Jack Dobiash (jack.dobiash_at_grandronde.org)
Date: 02/29/04
- Next message: D_at_annyBoy: "Re: IIS"
- Previous message: Jonathan Maltz [MS-MVP]: "Re: IIS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 28 Feb 2004 17:16:19 -0800
We have an IIS 6 server that we recently installed.
Everything is working fine and I wanted to enable SSL for
certain webpages that will be available over the
Internet. We have an Enterprise Root CA in our Domain,
so I just went to the IIS server, went through the wizard
and created the certificate for it, from our Enterprise
Root CA. The problem is, internally it works fine but
externally it takes about 30 seconds to load up the
initial page. Of course, it says that it doesn't trust
the Root CA, but this is expected. I have done some
packet monitoring and it seems like the client is trying
to directly talk to the Root CA to get it's info, which
isn't possible since it's not publically available.
Also, when you go to look at the certificate (once it
does finally finish), the Certificate path doesn't show
any Root CA.
To summerize, is it possible to have a publically
available Website secure with SSL from a certificate made
from an Enterprise Root CA? Do I need to make another
Stand Alone Root CA? Should I just go make a
certificate with say, OpenSSL?
Thanks!
Jack Dobiash
- Next message: D_at_annyBoy: "Re: IIS"
- Previous message: Jonathan Maltz [MS-MVP]: "Re: IIS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
