locked
UAG SPS & SSL Certs RRS feed

  • Question

  • Hi,

    Snippet below is from Technet:

    So my question basically is this: if I want to publish JUST hrportal.woodgrovebank.com on a SSL Trunk....do I need to JUST purchase a hrportal.woodgrovebank.com certificate?

     

    Public host names

    When you publish SharePoint Products and Technologies via Forefront UAG, each SharePoint Web application is associated with a unique public-facing host name, which is used to access the application remotely.

    A SharePoint Web application that is published through the Forefront UAG trunk shares the trunk's definitions in addition to some of the trunk's functionality, such as the logon and logoff pages. This means that the application's public host name must reside under the same parent domain as the trunk's public host name; that is, the application and the trunk are subdomains of the same parent domain.

    The following table shows sample public host names of Forefront UAG trunks, and the valid and non valid public host names for the SharePoint Web applications that you publish through each sample trunk.

     

    Forefront UAG trunk’s public host name Trunk’s parent domain Examples of valid public host names for SharePoint Web application Examples of non valid public host names for SharePoint Web application

    uag.woodgrovebank.com

    woodgrovebank.com

    hrportal.woodgrovebank.com

    hrportal.a.b.woodgrovebank.com

    hrportal.uag.woodgrovebank.com

    hrportal.com

    uag.ext.example.com

    ext.example.com

    hrportal.ext.example.com

    hrportal.a.b.ext.example.com

    hrportal.uag.ext.example.com

    hrportal.com

    hrportal.example.com

    Wednesday, April 21, 2010 1:38 PM

Answers

  • according to some text further down:

    All the public host names that are used in the trunk must be covered by this certificate, including the trunk's public host name and the public host names of all the applications that are accessed via the trunk.

    so SANs or Wildacards is the way to go then

    • Marked as answer by Erez Benari Wednesday, April 28, 2010 12:29 AM
    Wednesday, April 21, 2010 2:09 PM

All replies

  • according to some text further down:

    All the public host names that are used in the trunk must be covered by this certificate, including the trunk's public host name and the public host names of all the applications that are accessed via the trunk.

    so SANs or Wildacards is the way to go then

    • Marked as answer by Erez Benari Wednesday, April 28, 2010 12:29 AM
    Wednesday, April 21, 2010 2:09 PM
  • Yup :)
    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Wednesday, April 21, 2010 2:30 PM
  • Oh this is more fun then I thought :-)
    Wednesday, April 21, 2010 2:36 PM