Configure IFD using 5 SAN certificates
-
03/رجب/1433 01:32 م
I want to configure IFD form CRM 2011 using 5 SAN certificates.
I search a lot to get a solution for this but didn't find anything. In all demos they are using wildcard certificate.
I have following certificates: adfs.mycompany.uk, auth.mycompany.uk, crm.mycompany.uk, dev.mycompany.uk and myorg.mycompany.uk
- adfs.mycompany.uk is used on Default Web Site on port 443 when I configure adfs
- crm.mycompany.uk is used on Microsoft Dynamics CRM on port 444 and is used for internalThe problem is that I cannot bind other certificates on port 444 on IIS
How can I bind the rest of the certificates on IIS on the same port?
How can I configure IFD for CRM 2011 with 5 certificates for Internal and External?
جميع الردود
-
03/رجب/1433 02:32 م
Hi Apostol,
Do you have 5 individual certificates or its 5 Sub domain certificate?
Regards,
Khaja Mohiddin
http://www.dynamicsexchange.com
http://about.me/KhajaMohiddin -
03/رجب/1433 03:02 مI have 5 individual certificates, one for each of adfs.mycompany.uk, auth.mycompany.uk, crm.mycompany.uk, dev.mycompany.uk and myorg.mycompany.uk
-
03/رجب/1433 03:08 م
I dont think its possible to configure IFD with 5 individual certificates. You need to get 5 sub domain certificate which is only one cert but it contains all the 5 host names information in it.
Or create a SSL wildcard certificate and configure IFD.
Regards,
Khaja Mohiddin
http://www.dynamicsexchange.com
http://about.me/KhajaMohiddin- تم وضع علامة كإجابة بواسطة Apostol Cristian 04/رجب/1433 08:57 ص
-
03/رجب/1433 03:20 م
SAN certificates usually refer to ONE certificate that has several 'alternative' names attached to the certificate, hence the name 'subject alternative name' certificate. The way we have done this is to put all 5 (or more) of those URL's you mention onto one single SAN certificate (or use a wildcard cert where allowed). To my knowledge, you can only bind one certificate to a website in IIS. Then you can have internal and external all working on the same port, you should not need to split them out.
On a side note, wildcard certs are obviously a little nicer if you may be adding additional organizations in the future for any reason
- تم وضع علامة كإجابة بواسطة Apostol Cristian 04/رجب/1433 08:57 ص
-
04/رجب/1433 11:59 ص
As I understand it seems to be ok to use a UCC certificate with multiple Subject Alternative Names like adfs.mycompany.uk, auth.mycompany.uk, crm.mycompany.uk, dev.mycompany.uk and myorg.mycompany.uk ?
-
04/رجب/1433 12:12 م
Yes, this is what you need to buy.
Regards,
Khaja Mohiddin
http://www.dynamicsexchange.com
http://about.me/KhajaMohiddin
