My domain is a .LOCAL; I need to create an SSL cert to set up the ADFS in configuration wizard

  • Question

  • I have a domain with a .LOCAL domain. I need to import an SSL so I can set up my ADFS for my company's domain. The third step of the beginning of the setup process. Is this possible to do or do you need to have a .com/net/org reference or domain?

    Thanks for your answers

    Friday, August 5, 2016 2:31 PM

Answers

  • The SSL subject name has to match the FQDN of the farm. And at some point, maybe you want to open the service externally. For that reason, even if your internal domain name is in .local, I'd pick something which is publicly available.

    You can have your AD domain in contoso.local and your ADFS farm such as adfs.contoso.com; it is fine as long as you own the contoso.com domain and you maintain your split-brain DNS.

    Keep in mind that even if you don't want to open the service externally as of today, you might in the future.

    Also consider non-domain-joined clients in your on-prem environment that will probably not trust the .local cert.


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Friday, August 5, 2016 3:10 PM
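
A pre-flight check for the answer's point that the certificate name must match the farm FQDN, as an added example that is not part of the original thread: it lists the certificates in the local machine store and reports whether each one covers the intended federation service name. `adfs.contoso.com` is the answer's illustrative name, and the helper `Test-NameCoversHost` is a hypothetical name introduced here.

```powershell
# Added example (not from the thread). Assumption: the farm will be named
# adfs.contoso.com, the illustrative name used in the answer.
$FederationServiceName = 'adfs.contoso.com'

# Hypothetical helper: does a certificate DNS name cover the given host name?
function Test-NameCoversHost {
    param([string]$Pattern, [string]$HostName)
    if ($Pattern -eq $HostName) { return $true }    # -eq ignores case for strings
    # A wildcard covers exactly one left-most label:
    # *.contoso.com covers adfs.contoso.com but not a.b.contoso.com
    if ($Pattern.StartsWith('*.')) {
        $suffix   = $Pattern.Substring(1)           # ".contoso.com"
        $firstDot = $HostName.IndexOf('.')
        return ($firstDot -gt 0 -and $HostName.Substring($firstDot) -eq $suffix)
    }
    return $false
}

$now = Get-Date
Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
    $cert  = $_
    # DnsNameList is the certificate provider's view of the DNS names on the cert
    $names = @($cert.DnsNameList | ForEach-Object { $_.Unicode })
    # 1.3.6.1.5.5.7.3.1 is the Server Authentication EKU.
    # A certificate with no EKU extension at all will show False here.
    $serverAuth = [bool]($cert.EnhancedKeyUsageList |
        Where-Object { $_.ObjectId -eq '1.3.6.1.5.5.7.3.1' })

    [pscustomobject]@{
        Thumbprint     = $cert.Thumbprint
        Names          = $names -join ', '
        CoversFarmName = [bool]($names |
            Where-Object { Test-NameCoversHost $_ $FederationServiceName })
        # Flags the case the answer warns about: a name only valid internally
        HasLocalName   = [bool]($names | Where-Object { $_ -like '*.local' })
        HasPrivateKey  = $cert.HasPrivateKey
        ServerAuthEku  = $serverAuth
        ValidNow       = ($cert.NotBefore -le $now -and $cert.NotAfter -ge $now)
    }
} | Format-Table -AutoSize
```

A certificate is a usable candidate for the wizard when `CoversFarmName`, `HasPrivateKey`, `ServerAuthEku` and `ValidNow` are all `True`; this check does not validate the trust chain.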