I think I tried that but it failed. Maybe I didn't wait long enough. I will read these two articles I just printed. Then I will walk through my thoughts on my internal AD sites.
From: Richard Stovall Sent: Monday, November 16, 2009 12:48 PM To: NT System Admin Issues Subject: RE: https and certs issues Once you create the zone on your internal DNS servers you then need to create either an A record pointing to the internal ip the site is listening on or a CNAME record pointing to the server's internal FQDN. Split DNS. From: David W. McSpadden [mailto:[email protected]] Sent: Monday, November 16, 2009 12:41 PM To: NT System Admin Issues Subject: https and certs issues I don't think I have any issue but I am having a hard time explaining myself to my board. Here is what I have: An internal web server nat through my firewall. An ssl cert to the address of the nat on the firewall. A DNS record to the nat on the firewall. When accessing the site internally I use the local ip address and get the "security certificate presented by this website was issued for a different website's address" which I understand should be there because I am not going to the DNS record for the cert. When accessing the site externally I use the DNS record and get directly to the login page as expected. I want to walk through this with my board but I am instructed it has to be exactly how they will see it in the real world not no local ip's and no cert errors..... When I try to access it using the DNS record IE gets stuck. I can add the host address to my hosts file and everything looks great. When I add an new zone or a ptr record IE gets stuck. Any ideas how to help me, other than the hosts file? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
