|
Home > Archive > IIS Server Security > February 2004 > SSL w/o CA or domain name
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
SSL w/o CA or domain name
|
|
|
| Hi. I'd like to expose a few documents so that employees can very
easily access them at home. My idea is to use iis and ssl. That way,
the employees could just use their web browsers to get the documents,
but still be sure the connection was secure.
I do not want to pay a certificate authority for this. There's no
reason for me to. Whatever certificate I get I can just distribute to
the employees on floppy disk and let them install it at home.
Also, I tried getting a temporary demo certificate from verisign but I
don't have a domain name pointing to this server, and I don't plan to
point one to it either. The employees can just type https://IPAddy/
So the question is, can I generate my own certificate? Can I make
this certificate work without pointing a domain name at the server?
BTW, I'm sure there are other secure ways to let employees access
documents. But this seems to me to be the most simple. After all,
everyone has a web browser and they all know how to use it.
Thx in advance
| |
| Jerry III 2004-02-27, 12:33 am |
| Yes and yes (just use the IP address as the common name). I personally use
OpenSSL to create certificates but you can use pretty much anything. And you
don't need to give your employees anything, if they don't install the root
CA (or the certificate if you create it self-signed) they'll get a warning
but SSL will still work.
Jerry
"eric" <enave@m-net.arbornet.org> wrote in message
news:cc50a09.0402260929.3488115d@posting.google.com...
> Hi. I'd like to expose a few documents so that employees can very
> easily access them at home. My idea is to use iis and ssl. That way,
> the employees could just use their web browsers to get the documents,
> but still be sure the connection was secure.
>
> I do not want to pay a certificate authority for this. There's no
> reason for me to. Whatever certificate I get I can just distribute to
> the employees on floppy disk and let them install it at home.
>
> Also, I tried getting a temporary demo certificate from verisign but I
> don't have a domain name pointing to this server, and I don't plan to
> point one to it either. The employees can just type https://IPAddy/
>
> So the question is, can I generate my own certificate? Can I make
> this certificate work without pointing a domain name at the server?
>
> BTW, I'm sure there are other secure ways to let employees access
> documents. But this seems to me to be the most simple. After all,
> everyone has a web browser and they all know how to use it.
>
> Thx in advance
|
|
|
|
|