1 Reply Latest reply on Apr 8, 2015 6:23 AM by jcooper

    Can Security Certificates use IP rather than domain?

    dkb

      I know little about Security Certificates but I must now take the plunge. I have users connecting to FMS 13 with FMP, FMA, FMGo and WebDirect. We only use server IP address rather than domain. A few FMP and WD users are behind a corporate firewall; they connect via a proxy IP.

       

      If possible, I would like to install a Certificate using the server IP rather than switch users to a domain. The question is: can Security Certificates use IP rather than domain? What happens to those behind the corporate firewall that connect via a proxy IP?

       

      Cheers,

      - doug

        • 1. Re: Can Security Certificates use IP rather than domain?
          jcooper

          We don't run a domain, but we sort of "cheat" and set up static entries on our firewall that point back to our local servers.  It's not a full dns server; it just has a list of entries that it checks before sending the request out to the ISP, if the entry matches, it redirects the traffic back to the designated LAN IP.  That way, when users connect to our FMS, they connect to fms.somedomainname.com which isn't registered anywhere; it's just an entry on our gateway, which is also the dns forwarder for our LAN users.  We have a web domain, but don't run a domain internally.

           

          But I'm not sure if that will work because I'm not sure is if a CA needs to be able to see the address referred to by the domain name in the certificate request in order to generate a certificate; or verify it when a user connects.  May be a question for godaddy or someone.

           

          Sorry it's kind of a non-answer; as I was typing I kept thinking of more angles and issues.

           

          Jeff