Re: Certificates on .local domain
- From: Juha Kalliola <JuhaKalliola@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 21 Apr 2006 08:10:02 -0700
Hi Ken,
I hope you still read this post.
I made a record on DNS somehost.itadmina.fi. (not actually that name) I made
a new certificate on DefaultWeb. Everything seems to be fine. When I go to
https://somehost.itadmina.fi from my home (for example) I can install the
certificate and it says issuer is somehost.itadmina.fi.
When I export the certificate for using in my phone, it says the issuer is
somehost.itadmina.local. When I install it to phone at set it trusted it is
not trusted. So this is my problem now. Why in my phone the same certificate
says that issuer is .local and in my desktop .fi?? I don't undertand.
Please help me if you can.
Best,
Juha
"Ken Schaefer" wrote:
Hi,.
Your public domain (itadmin.fi) needs public DNS servers. This allows remote
users to lookup hosts in the itadmin.fi domain, and find the associated IP
addresses.
When you registered the domain, you need to specify authorative DNS servers
for the domain. Those are the public DNS servers for the domain. On those
DNS servers you need to create an appropriate A (Alias) or CNAME (canonical
name) record that points somehostname.itadmin.fi -> your public IP address.
Cheers
Ken
"Juha Kalliola" <JuhaKalliola@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:69E77162-2D6F-4129-AA2A-B4FB734B1FC0@xxxxxxxxxxxxxxxx
I'm sorry but I don't understand. If I give you details could you help me
out.
Our server is "serveri.itadmina.local", it has a public IP address.
Our mailboxes and web server is on ISP. We use POP3 connector to collect
email from ISP to Exchange.
Our registered domain is "itadmina.fi".
Where and what changes I must do on our internal server to have this FQDN
recorded there?
"Bernard Cheah [MVP]" wrote:
The FQDN concept apply, so you need to create a Host record that match
your
cert common name and point it to your server.
--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://msmvps.com/blogs/bernard/
"Juha Kalliola" <JuhaKalliola@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:18C65CF9-718F-4144-A268-C9F379A75840@xxxxxxxxxxxxxxxx
Thanks Bernard,
I have registered domain name. The article you included is about FTP.
How
does it help me in this case?
Best,
Juha
"Bernard Cheah [MVP]" wrote:
First, you need to register a domain...... then ......
Read http://support.microsoft.com/?id=816525
--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://msmvps.com/blogs/bernard/
"Juha Kalliola" <JuhaKalliola@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:E132FB85-63A9-4BA8-AA03-E3BC891A4DEA@xxxxxxxxxxxxxxxx
Thanks Ken,
Could you tell me also how can I configure FQDN like yours to my SBS
server?
Where I configure it?
Best,
Juha
"Ken Schaefer" wrote:
Hi,
The "common name" of the certificate should match whatever DNS name
you
are
using in your phone to connect to the Server ActiveSync or OMA
website.
For example, my SBS server has in the .local domain (and that's how
we
access it internally).
However, for external access it has a host.adopenstatic.com FQDN.
The
certificate that I installed has a common name that matches
host.adopenstatic.com
Cheers
Ken
--
My IIS Blog: www.adOpenStatic.com/cs/blogs/ken
"Juha Kalliola" <JuhaKalliola@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:E3EA499D-9666-4908-9FE3-1A975E1F9174@xxxxxxxxxxxxxxxx
I got it working once. After I madeome changes but haven't got it
working
anymore.
I can accept and install certificates to my phone and that is not
the
problem.
The problem is on the server and with the certificate. And as I
mentioned
I
got it working once but not anymore.
"Miha Pihler [MVP]" wrote:
Hi,
Are you connecting to OWA over HTTPS (SSL)?
The problem with some phones is that they will not allow (at
least
by
default) to see the pages protected with certificates that they
do
not
trust. So the simple solution is to buy a certificate from
commercial
CA
server like Thawte or VeriSign.
--
Mike
Microsoft MVP - Windows Security
"Juha Kalliola" <JuhaKalliola@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message
news:E9F7DD53-C84C-4E6D-BC9D-F414AC4B6F27@xxxxxxxxxxxxxxxx
Hi,
we are using SBS2003 with outlook web access and active sync.
I have been trying to make working certificate with more or
less
success.
How should it be made.
Our sbs domain is with suffix .local. We have a public IP
address
for
our
server.
I can connect to OWA with public IP address. But how should
the
certificate
be made so I can use OMA in my mobile phone in this case?
- References:
- Re: Certificates on .local domain
- From: Miha Pihler [MVP]
- Re: Certificates on .local domain
- From: Ken Schaefer
- Re: Certificates on .local domain
- From: Juha Kalliola
- Re: Certificates on .local domain
- From: Bernard Cheah [MVP]
- Re: Certificates on .local domain
- From: Juha Kalliola
- Re: Certificates on .local domain
- From: Bernard Cheah [MVP]
- Re: Certificates on .local domain
- From: Juha Kalliola
- Re: Certificates on .local domain
- From: Ken Schaefer
- Re: Certificates on .local domain
- Prev by Date: Re: default scripts and manuals
- Next by Date: Re: Problems with IIS 5 default domain
- Previous by thread: Re: Certificates on .local domain
- Next by thread: Access denied logging to event log on Windows Server 2003
- Index(es):
Relevant Pages
|
