testing SSL

[A.M]

Hi,

I need to test our site before we publish our public website.
The problem is our site uses SSL and I can not test SSL before I use our
public www.OurCompany.com address.
and www.OurCompany.com is mapped to our public address.

We use internal IP/computer name during testing. Is there any way to test
site with SSL encryption inside our LAN?

Thanks,
Allan

 

[Nicole Calinoiu]

Allan,

All you need to test SSL is to install a web server certificate to your test
server. You can issue this certificate yourself (i.e.: get it for free) if
you run your own certification authority (CA). Your network administrator
should be able to help you with this. If you are not already running a CA
within your network, you can install the Microsoft Certificate Services
application on any Window NT4 or higher server (including your
development/test web server). For an introduction to using Microsoft
Certificate Services to issue IIS certificates, see
http://www.microsoft.com/technet/pr...logies/iis/maintain/featusability/c06iis.mspx.

HTH,
Nicole

 

[A.M]

Thans Nicole for help.

Can I just create a fake www.OurCompany.com in our internal DNS and then buy
the SSL key from verisign for www.OurCompany.com and test the application
in SSL mode inside our LAN?

Allan


Can I just

 

[Nicole Calinoiu]

Allan,

You could, but that's not the usual approach to testing applications over
https. In general, neither the name of the server nor the within-server
path to the application should matter. You should be able to run your
application internally at https://anyserver/anyfolder/ for testing purposes.
All that matters is that the web site on "anyserver" be configured for SSL
with a server certificate. Why pay for this certificate when you can get it
for free (and even less time investment than applying to a commercial CA)?
If you don't have an internal CA already and there's nobody on your team who
has set one up in the past, the initial time investment might be a bit
higher (but still probably no more than a few hours). Later setups and uses
would probably run under 5 minutes. Acquiring a certificate from a
commercial CA can take days to weeks, and you really don't want to deal with
the hassle that would result if your commercially issued certificate ends up
being "mishandled" in the dev/test environment...

HTH,
Nicole

 

[Steven Cheng[MSFT]]

Hi Allan,

I'm viewing this thread and found that many other community members are
discussing with you in another thread named
"RE: Client Side Certificate" in this newsgroup.
If you feel it convenient that we continue to focus on that one, please
feel free to post there. Thanks.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 

[A.M]

Nicole,

I want to apprecite you for refering me to that link!! I just implimented
the certificate server and it worked fine!!
It was so well explained and i am happy to know William R. Stanek the book's
author.

Thanks,
Alan