Mads Krag Dam - Homepage - MadsD.dk

A part of iSites.dk
Home
Blog
My IT
Husband
Family
Games
Pictures
Contact

.local is out! (Domains, certificates, SSL, etc)


Written by: Mads Dam - 21.06.2013 - 0 comments

I have  aproblem which I'll discuss in another blog-post, but first - here's a discovery that I'd like to share!

.local domain names and certificates are a big no-no from now on, without an internal PKI-infrastructure!

I've stumpled across a very interesting SSL-discovery. From 2015 .local-domain names are out. You cannot get an ssl-certificate with a .local-name from a public CA when 2015 hits us. And so far, it seems that some companies are already making the transition of not offering it anymore. Source: http://exchangeserverpro.com/ssl-requirements-for-exchange-when-certificate-authorities-wont-issue-certificate/ - Look under "Using a name no longer valid under new rules"

This has made me start planning on building a new domain. I don't want to just rename the old one.. it's one server, with 5 users, so, build-from-scratch it is, on the basis of Windows Server 2012 (maybe I should wait for R2? :D) - Perhaps I should even throw in DirectAccess, if it's capable of running simultaneously with Exchange 2013.

Update (2013-07-21):
Okay, so apparently Exchange 2010 with MBX/CAS/HUB-role is not able to coexist with DirectAccess on the same server - I had browsing issues from the server and if I remember correctly, also the certificate-stuff on IIS wasn't exactly functioning as expected. It'll take more research to understand why it didn't work. But for now, I'm just leaving it.


Comments



No comments


Write a comment


Name:
Website: *no http://
Comment: