Re: name on the security certificate is invalid



3. Is there a way to allow internal users to type www.mysite.com and
have the router (cheap home router) keep the traffic inside the
building without going to the ISP and back?

Yes, but it depends on the topology of your network. You can route local
users directly to the web server without sending them out into the Internet.
If you could show us your network map (e.g. router, web server and users) we
could give you an advice, how to route the traffic between the router and
the web server.


4. Is there a way to install a second cert with the server name?
Yes, you can create another web site in IIS and make it listen on internal
IP address and create another certificate for the internal name.


6. Is there a way to make a single cert work for www.mysite.com and
"http://myservername";? What about when people hit the site using just
an IP address (internal or external)?
No, there is no way to do that.

Additionally, you can create 2 A records for your domain name and make one
of them point to the internal IP address. But this address will be visible
to the Internet users, so if this is not an issue, you can go this way.


--
BR,
Valery Marchuk


"GroupReader" <newsgroups_01@xxxxxxxxxxx> wrote in message
news:e12e8abf-b039-4a3d-b97c-ca4172030952@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I set up an SSL Certificate for my website. All works fine when the
site is accessed via www.mysite.com.

The problem is that there are many internal users and I don't want
them to have to go out to the internet to access the site. They
access the site with http://servername. This causes the error "name
on the security certificate is invalid".

What's the best solution for supporting both internal and external
customers?

More info:
1. For the internal users, the connection doesn't necessarily need to
be encrypted
2. On the website, I have "require ssl" checked (in IIS). Then, I
use a custom error page to redirect people to https if the come in to
the sive with http. I'd like to keep this part. It works well.
3. Is there a way to allow internal users to type www.mysite.com and
have the router (cheap home router) keep the traffic inside the
building without going to the ISP and back?
4. Is there a way to install a second cert with the server name?
5. I guess I could maintain two copies of the site - one for internal
and one for external customer... but I don't like this solution. Does
anyone else do this?
6. Is there a way to make a single cert work for www.mysite.com and
"http://myservername";? What about when people hit the site using just
an IP address (internal or external)?

That's it for now - any help would be greatly appreciated.

Thanks.



.