locked
Certificate for CRM 2011 R7 RRS feed

  • Question

  • Hello all. Our customer has current implementation: Two CRM FrontEnd servers that will be deployed in a DMZ, load-balanced via software (Windows Server 2008 R2 SP1 NLB feature); two CRM BackEnd servers that are deployed internally, load-balanced via software also (WS 2008 R2 SP1 NLB feature).

    In deploying the solution in the DMZ servers, we are asking for a certificate. But I want to validate with the Forum what kind of certificate should I ask for since they want that both internal and external clients access the CRM solution with the DNS name tjb.pre.com.co. I'm pretty sure that a Wildcard Certificate will do, but want your help 1) to assure this and 2) to get some further specifications of the certificate like encryption and whatever stuff is useful. For what is worth, external certificate will be issued by Verisign.

    Thanks,


    Guillermo Taylor F.
    IT Pro & Xbox gamer
    My blog

    Monday, April 16, 2012 5:24 PM

All replies

  • Hi guillermo,

    If you making CRM available from the outside, I would definitely say a signed certificate is required. These days the minimum mandatory encryption level is normally enough. Bear in mind more encryption slower the authentication.

    If you have available a wildcard certificate that will be enough, but you can also just request one for the domain tjb.pre.com.co.


    Visit my blog for CRM material, improving performance, kerberos, IFD, development tips, etc. :) http://quantusdynamics.blogspot.com

    Monday, April 16, 2012 7:43 PM
    Answerer