Hi - I am hoping you can help here as I am totally confused.
We have a 2012 domain (abc.local) and our main domain is abc.co.uk. We have recently purchased a UCC cert for server1.abc.co.uk with SANs (subject alternative names) for server2.abc.co.uk, server3.abc.co.uk, ts.abc.co.uk and dc.abc.co.uk.
Server1 is our Exchange 2012 box, and I found the commands to run so that it changes the virtual directories and makes the IIS/computer accept a .co.uk certificate. This has been installed, and now when people connect to server1.abc.co.uk via the internet the certificate replies as OK even though it is called server1.abc.local.
Externally it is also named as server2.abc.co.uk, but again, as I ran the commands to change the virtual directories etc., it still replies as OK as this server is a SAN.
My problem is with TS and DC. These servers do not have IIS installed and just have the standard certificate services installed. I have imported the full certificate (private and public key) into the certificate store, but if I try to connect to ts.abc.co.uk then it replies that the certificate is not valid etc.
Ideally I don't want to install IIS on the DC and the TS, as there is no need (the TS is just for me to connect remotely), but if I have to for simplicity then I will.
I suppose my question is: how can I get my dc.abc.co.uk cert to work correctly on my dc.abc.local machine?
If I install IIS, what do I have to do to reconfigure it so it accepts the cert? Is there a script or similar available like the ones I ran against the Exchange server? (Also, what are the minimum components I need to install on a 2012 R2 box?)
If I don't have to install IIS, how can I do what I want?
I hope I have explained the situation, and any suggestions would be very helpful and much appreciated.