lundi 16 avril 2012 17:24
Hello all. Our customer has current implementation: Two CRM FrontEnd servers that will be deployed in a DMZ, load-balanced via software (Windows Server 2008 R2 SP1 NLB feature); two CRM BackEnd servers that are deployed internally, load-balanced via software also (WS 2008 R2 SP1 NLB feature).
In deploying the solution in the DMZ servers, we are asking for a certificate. But I want to validate with the Forum what kind of certificate should I ask for since they want that both internal and external clients access the CRM solution with the DNS name tjb.pre.com.co. I'm pretty sure that a Wildcard Certificate will do, but want your help 1) to assure this and 2) to get some further specifications of the certificate like encryption and whatever stuff is useful. For what is worth, external certificate will be issued by Verisign.
Guillermo Taylor F.
IT Pro & Xbox gamer
Toutes les réponses
lundi 16 avril 2012 19:43Auteur de réponse
If you making CRM available from the outside, I would definitely say a signed certificate is required. These days the minimum mandatory encryption level is normally enough. Bear in mind more encryption slower the authentication.
If you have available a wildcard certificate that will be enough, but you can also just request one for the domain tjb.pre.com.co.
Visit my blog for CRM material, improving performance, kerberos, IFD, development tips, etc. :) http://quantusdynamics.blogspot.com