Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


windows and certificates for .local and .co.uk

  • Please log in to reply
No replies to this topic

#1 admin7070


  • Members
  • 1 posts
  • Local time:05:56 PM

Posted 31 March 2016 - 01:46 AM

Hi - I am hoping you can help here as I am totally confused.
We have a 2012 domain (abc.local) and our main domain is abc.co.uk have recently purchased a UCC cert for server1.abc.co.uk with SAN  (subject alternative names) for server2.abc.co.uk, server3.abc.co.uk, ts.abc.co.uk and dc.abc.co.uk
Server1 is our Exchange 2012 box and I found the commands to run so it changes the virtual directories and makes the IIS/Computer accept a .co.uk certificate .. this has been installed and now when people connect to server1.abc.co.uk via the internet the certificate replies as OK even though it is called server1.abc.local
Externally it also is named as server2.abc.co.uk .. but again as I ran the commands to change the virtual directories etc.. it still replies as OK as this server is a SAN.
My problem is with TS and DC ... these servers do not have IIS installed and just have the standard certificate services installed - I have imported the full certificate (private and public key) into the certificate store but if I try and connect to ts.abc.co.uk then it replies the certificate is not valid etc..
Ideally I don't want to install IIS on the DC and the TS, as there is no need (the TS is just for me to connect remotely) .. but if I have to for simplicity then I will.
I suppose my question is ... how can I get my dc.abc.co.uk cert to correctly work on my dc.abc.local machine ?
If I install IIS .. what do I have to do to reconfigure so it accepts the cert .. is there a script or similar available like the ones I ran against the exchange server ??? (also what are the minimum components I need to install on a 2012 R2 box) 
If I don't have to install IIS ... how can I do what I want. ??
I hope I have explained the situation .. and any suggestions would be very helpful and much appreciated.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users