Wireless LAN
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
hutchingsp
Contributor
hutchingsp
Posts: 81
Registered: ‎05-03-2009
0

Replacing MX SSL Certificate?

Options

‎11-20-2011 01:47 PM

When our MX was installed it was setup to use https://web.portal as the portal FQDN.

 

The cert is now up for renewal.  I don't really want to be paying Thawte for an SSL123 cert (the only vendor I know of that issues "intranet" certs for non internet-facing FQDN's).

 

Is there any issue with using a portal name like wifi.ourdomain.com where ourdomain.com is our public facing domain name?

 

Obviously wifi.ourdomain.com wouldn't exist in our public DNS.

 

Thanks,

Paul

Message 1 of 3 (205 Views)
 
Reply
aaron.howard@uni.edu
Contributor
aaron.howard@uni.edu
Posts: 38
Registered: ‎12-03-2011
0

Re: Replacing MX SSL Certificate?

Options

‎12-03-2011 01:41 AM

That's the way I have three of our mx2800s configured. It works flawlessly. Be sure to add your intermediate ca certificates if you need them for validation. 

Message 2 of 3 (172 Views)
 
Reply
hutchingsp
Contributor
hutchingsp
Posts: 81
Registered: ‎05-03-2009
0

Re: Replacing MX SSL Certificate?

Options

‎12-03-2011 03:41 AM

Thanks Aaron.  Now I'm on 7.5 it seems I can disable SSL for the portal whilst doing the cutover, which is nice as it seems you can't renew a cert on an MX, only replace, which means a day or so of cert warnings whilst I wait for the CA to issue the cert.

 

My plan was to use a Godaddy (Starfield) cert so I'm aware I need to install the CA bundle, the main thing was ensuring that there's no issue using webportal.domain.com or a similar FQDN that references our public DNS.

Message 3 of 3 (164 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.