Brian,
You'll need SSL certificates for the site systems that clients connect to using HTTPS, such as Management Point, Software Update Point, Distribution Point, etc. I'm pretty sure that SQL Server creates its own self-signed certificate though, so I'm not sure that you'd need to specifically create one for it through your Microsoft PKI. This document talks about certificates pretty well: http://technet.microsoft.com/en-us/library/gg699362.aspx Cheers, Trevor Sullivan From: [email protected] [mailto:[email protected]] On Behalf Of Brian McDonald Sent: Thursday, February 13, 2014 12:08 PM To: [email protected] Subject: RE: [mssms] Deploying site systems in the DMZ Thanks for that. Will I need Web-based IIS certs for the Primary Server w/ SQL (internal domain) as well as my DP in the DMZ? Brian _____ From: [email protected] <mailto:[email protected]> To: [email protected] <mailto:[email protected]> Subject: RE: [mssms] Deploying site systems in the DMZ Date: Thu, 13 Feb 2014 11:55:45 -0600 Hello Brian, Here are at least a few things: * DNS resolution * Credentials for remote forest/domain (if applicable) * Firewall port openings * Operating system of DMZ servers Cheers, Trevor Sullivan From: [email protected] <mailto:[email protected]> [mailto:[email protected]] On Behalf Of Brian McDonald Sent: Thursday, February 13, 2014 11:27 AM To: [email protected] <mailto:[email protected]> Subject: [mssms] Deploying site systems in the DMZ Is there much difference between building site systems in the DMZ as compared to my internal network? I need to deploy an FSP one one box and SUP/MP/DP on another. What pre-requisites do I need to consider before I begin this task? Thanks, Brian
