Certificate Question - Exchange 2007
Within a CSR request for a certificate is the hostname important. The reason I am asking is that we are about to lose our domain name and the old domain name would still be in the hostname of the server. Would a third party SSL certificate vendor still issue us a new certificate for the new domain name space or would they reject it because of the hostname is for a domain we don't own any more.Thanks in advance!
January 16th, 2010 6:47pm
The server's real name isnt really important at all. Since your request wouldnt be for that domain, it shouldnt matter to a vendor.( there are lots of people how use .local for example) That's not what you request the certificate for however for external access.
Free Windows Admin Tool Kit Click here and download it now
January 16th, 2010 7:01pm
On Sat, 16-Jan-10 15:47:52 GMT, sabo_e wrote:>Within a CSR request for a certificate is the hostname important. The reason I am asking is that we are about to lose our domain name and the old domain name would still be in the hostname of the server. Would a third party SSL certificate vendor still issue us a new certificate for the new domain name space or would they reject it because of the hostname is for a domain we don't own any more.Thanks in advance! If you don't own the domain then no reputable CA will issue acertificate to you unless you own more than 50% of the other companyand you can prove it.TLDs that aren't in public DNS namespaces (.local, for example) areusually acceptable. Some CAs will issue certs that include just ahostname (e.g. "myserver") and others won't (but that's usually apoint of negotiation with the CA).So, you'll have to be a bit more specific in your question. Is thename of the server in a DNS namespace you don't own? You seem to beasking two questions:1) will you be able to get a cert for a name in the "new domain namespace"?2) will you NOT be able to get a cert for a name in the "domain wedon't own any more"?If it's #1 (a "new domain name space") you should be the owner andthere won't be any problem.If it's #2 ("a domain we don't own any more") then it's unlikelyyou'll get a cert for it.---Rich MatheisenMCSE+I, Exchange MVP
---
Rich Matheisen
MCSE+I, Exchange MVP
January 16th, 2010 7:17pm
Thank you very much for the answer.
Free Windows Admin Tool Kit Click here and download it now
January 17th, 2010 5:59pm