Re: name on the security certificate is invalid



3. Is there a way to allow internal users to type www.mysite.com and
have the router (cheap home router) keep the traffic inside the
building without going to the ISP and back?

Yes, but it depends on the topology of your network. You can route local
users directly to the web server without sending them out into the Internet.
If you could show us your network map (e.g. router, web server and users) we
could give you an advice, how to route the traffic between the router and
the web server.


4. Is there a way to install a second cert with the server name?
Yes, you can create another web site in IIS and make it listen on internal
IP address and create another certificate for the internal name.


6. Is there a way to make a single cert work for www.mysite.com and
"http://myservername";? What about when people hit the site using just
an IP address (internal or external)?
No, there is no way to do that.

Additionally, you can create 2 A records for your domain name and make one
of them point to the internal IP address. But this address will be visible
to the Internet users, so if this is not an issue, you can go this way.


--
BR,
Valery Marchuk


"GroupReader" <newsgroups_01@xxxxxxxxxxx> wrote in message
news:e12e8abf-b039-4a3d-b97c-ca4172030952@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I set up an SSL Certificate for my website. All works fine when the
site is accessed via www.mysite.com.

The problem is that there are many internal users and I don't want
them to have to go out to the internet to access the site. They
access the site with http://servername. This causes the error "name
on the security certificate is invalid".

What's the best solution for supporting both internal and external
customers?

More info:
1. For the internal users, the connection doesn't necessarily need to
be encrypted
2. On the website, I have "require ssl" checked (in IIS). Then, I
use a custom error page to redirect people to https if the come in to
the sive with http. I'd like to keep this part. It works well.
3. Is there a way to allow internal users to type www.mysite.com and
have the router (cheap home router) keep the traffic inside the
building without going to the ISP and back?
4. Is there a way to install a second cert with the server name?
5. I guess I could maintain two copies of the site - one for internal
and one for external customer... but I don't like this solution. Does
anyone else do this?
6. Is there a way to make a single cert work for www.mysite.com and
"http://myservername";? What about when people hit the site using just
an IP address (internal or external)?

That's it for now - any help would be greatly appreciated.

Thanks.



.



Relevant Pages

  • Re: Urgent! New router and big disaster
    ... The SBS DNS server, running on ... its IP it means that your problem is now DNS. ... forward ports to it reliably in the router. ... I should have been more clear about internet connection.. ...
    (microsoft.public.windows.server.sbs)
  • Re: Urgent! New router and big disaster
    ... Both NICs should point to his internal IP for DNS. ... forward ports to it reliably in the router. ... I should have been more clear about internet connection.. ...
    (microsoft.public.windows.server.sbs)
  • Re: Urgent! New router and big disaster
    ... First Page of the Internet Connection Wizard, ... Next I Select a local router device with an ip address. ... You should give your SBS a fixed external address so you can forward ports ...
    (microsoft.public.windows.server.sbs)
  • Re: Cannot simultaneously share DSL connection
    ... In order to be able to use Internet with both computers at the same time the ... Router has to be the authentication device. ... The Linksys Router provides on the CD an extended manual that would explain ... happens when we try to share the internet connection. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Exposing my home website to the internet.
    ... I want the capability to mount web pages on my own web server ... and expose these pages to the internet. ... not change.This allows me to access my router. ...
    (comp.os.linux.misc)