IceDigger
[H]F Junkie
- Joined
- Feb 22, 2001
- Messages
- 12,092
Do I need to get a wildcard ssl cert or would just a regular one do for Small Business Server 2011 Standard?
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
SBS 2011 and SSL Certs
- Thread starter IceDigger
- Start date
bloodypulp
Gawd
- Joined
- May 17, 2010
- Messages
- 903
depends
do you have a lot of subdomain websites? if only a handful, may be cheaper to buy individually.
if for internal use, you can self-sign your own certs.
do you have a lot of subdomain websites? if only a handful, may be cheaper to buy individually.
if for internal use, you can self-sign your own certs.
You should not need a wild card cert for SBS, it links everything to as such:
subdomain.domain.com
So mail.domain.com or remote.domain.com whatever you choose to call it.
As long as you have the right one for that it should work for all the services available in SBS.
subdomain.domain.com
So mail.domain.com or remote.domain.com whatever you choose to call it.
As long as you have the right one for that it should work for all the services available in SBS.
Ditto. I always snag a UCC Cert from Godaddy and spend 5 min finding a 30-50% off code and do 2 year terms. Just remember that you HAVE to use FQDNs now in certs. The days of using internal host names in UCCs are over. I can't tell you how many times I've seen people do that...
I generally just use a free one from startssl. Basically outside web access is via phones and tablets for email, and rare remote web workplace for email/remote desktop.
The only thing that doesn't work 100% is a 1 time pop-up when setting up outlook for the first time on a workstation, there is a security pop-up where the names don't match. After that everything is perfect.
The only thing that doesn't work 100% is a 1 time pop-up when setting up outlook for the first time on a workstation, there is a security pop-up where the names don't match. After that everything is perfect.
IceDigger
[H]F Junkie
- Joined
- Feb 22, 2001
- Messages
- 12,092
Thanks for the advice guys!
swatbat
[H]F Junkie
- Joined
- Apr 25, 2001
- Messages
- 13,052
It should be said that domains expiring after November of 2015 will not allow you to wildcard the internal .local address with the external on the ssl cert.
It isn't hard to setup everything to use the remote.domain.com or whatever your sbs remote web workplace is set to for everything.
http://realit1.blogspot.com/2013/12/the-name-on-security-certificate-is.html
That goes through how to change it via power shell. I generally do that vs messing with wild cards.
It isn't hard to setup everything to use the remote.domain.com or whatever your sbs remote web workplace is set to for everything.
http://realit1.blogspot.com/2013/12/the-name-on-security-certificate-is.html
That goes through how to change it via power shell. I generally do that vs messing with wild cards.