views:

24

answers:

1

I'm requesting my first SSL certificate for one of a pair of test servers (2008 R2, IIS7). Our CA is not part of AD so I've worked out that I need to do the 'request an Internet certificate'. That link isn't very helpful, though, because it doesn't tell you what to put in the boxes. I'm pretty sure I'm okay with everything except the 'Common name' box. I think I need to put the server name in here but I'm not sure.

Normally, I use host-headers with my sites so that my networking guys can provide me with load-balancing or, at least, fail-over across a pair of servers. Can I do that, here, and if so, do I fill in the host-header name or the server name?

A: 

The answer is complicated and I don't want to get it wrong, in case anyone else reads this. Suffice to say, I'm looking at using subjectAltName on the certificate request so that people who use the host-header address will still get to the site without getting a certificate warning.

serialhobbyist