Our internal and external domain is the same - domain.com, and for the internal users to be able to reach our website hosted externally, we installed IIS with redirection on all DCs. So when internal users type in http://example.com they are redirected properly, but when https is used, it bombs. I believe it's because none of our DCs listen on 443, so all those https requests are dropped. My question is what is the best approach to remedy this, apart from renaming the domain?
-
The obvious? Have IIS answer port 443? – Michael Hampton Nov 19 '20 at 20:34
-
IIS on DC? Cannot be more horrible. – Lex Li Nov 19 '20 at 22:12
-
Michael, yes, pretty obvious :). My question is really about putting an SSL cert on domain controllers. What kind of cert does it need to be? Best practices, gotchas, etc. – YGK Nov 19 '20 at 23:51
-
Lex, yes, not the most elegant solution. What would you do in this situation? – YGK Nov 19 '20 at 23:52
-
Best practice on domain controllers: keep them on their best job: being a domain controller. If you need a certificate authority for RADIUS, for example, it's the only reason to do something around certificates. If it's about serving web pages with SSL, use another server/VM; we are in 2020. – YuKYuK Nov 24 '20 at 16:07