GlobalSign BlogAlthough I've built these servers VM for our web person, I'm afraid he's going to try to get me to do this. I think this should be the responsibility of the web person but I would like to know step by step instructions. This needs to be done on R2 and R2. The subject's common name CN field in the X. This is done by generating a new certificate usually signed by a Certification Authority CA trusted by both the client and server. I don't talk about the domain users, I mean anyone. I want to protect the certificate from that, I want the only way to login is give him the certificate manually to install or password protect the certificate, is that possible. No, the cert you're talking about is a public cert and therefore is treated as something that is freely available to install. There is no way to restrict this because it is not how PKI is designed to operate. Who is your CA? Are these self signed certs? If you purchased the certificates Geotrust, Rapid ssl etc. Just contact your re-seller. The first step in a purchase, renewal or re-issue is to Create a Certificate Request. You have to answer all fields. Spell out the State or Provence name. The wizard lets you abbreviate, but your purchase process won't accept it. When you do the purchase or re-issue process with your Vendor, what you can do with the SSL in their portal. If you want to change the common name then you have to start a new order. Then you can purchase whatever you want. Details depend on your vendor, and as I recently learned, the contract in place if you're a reseller. Unfortunately I'm not that savvy when it comes to web stuff but this looks like the step in the right direction! To continue this discussion, please ask a new question. Get answers from your peers along with millions of IT pros who visit Spiceworks. I need help on how to get this done. I have never done this before. Best Answer. Sneakycyber This person is a verified professional. Verify your account to enable IT peers to see that you are a professional. We found 8 helpful replies in similar discussions:. Fast Answers!
Subscribe to RSS
Subscribe to RSS
I am horrible at IIS and certificates and was wondering if you guys would be able to give me some insights on what the fix for my issue is. I am trying to setup weblink. I have everything setup internally and can access it inside the network. Externally is my issue. This is where I get confused. I am assuming it has something in IIS not looking at the right cert or I have something misconfigured. On the server I have I used Let's Encrypt to get a cert for lf. Obviously internally the server name is something else. I only show that cert in there on under default website. Not sure if I need an internal one maybe? Any help would be appreciated! This is not about the certificate for the web server. If it was a problem with that one, the browser would alert the user in the normal way e. This is referring to the certificate used to secure the connection between your WebLink server and the LFS server. I'm guessing that since LFS is inside the firewall and WebLink is outside, you are not using the same dns name for the server for which the certificate was issued. This is what the error is telling you. The hostname you use in the WebLink configuration page has to match the or a certificate that is used by LFS. I expect you would use netsh, but I don't have specific instructions. If you haven't seen the documentation for how to set up the cert in the first place, you may find it helpful. LFS uses the same cert. You are viewing limited content.
WWW or not to WWW
The name mismatch error indicates that the common name domain name in the SSL certificate doesn't match the address that is in the address bar of the browser. For example, if the certificate is for www. If you aren't the website administrator you will want to always access the site with the full name usually include the "www. If you are the website administrator, you will usually want to forward all traffic without the "www" to an address with the "www" and get an SSL certificate with the "www" in the common name. That way you will completely avoid the name mismatch error. Some certificate authorities get around this problem by issuing a certificate with SANs. So you can get a certificate for paypal. Another common reason for this error is if you are accessing a server using an internal name when the SSL certificate on it just has the public name on it. In this situation you can get a UC certificate that has both the external public name and the internal server name in the certificate. You can verify whether you will get a name mismatch error by using our SSL Checker. Most web browsers make it clear that you shouldn't just continue when you receive this error. This is because, while most of the time it doesn't, it could indicate that a phisher is trying to pass a website off as a legitimate site. You shouldn't have to continue through this error message on legitimate web sites. This error is often phrased differently depending on the web browser. These are some common ways the name mismatch error is stated in other browsers:. However, the security certificate presented belongs to "paypal. It is possible, though unlikely, that someone may be trying to intercept your communication with this web site. If you suspect the certificate shown does not belong to "www. The certificate is only valid for: www. Menu What is SSL? Why SSL?