Recently, I've been working on creating a basic reporting infrastructure. For simplicity's sake, we're leveraging Log Shipping on a relatively small application database using SQL Server 2008 R2. (Note: since this second instance is in active use, a second SQL Server license is required.)
Since we have a server naming convention that states if the server's role is replaced, the new host must have a different name, I want to make that transition transparent in the future. I thought, let's leverage CNAMEs. I created a new CNAME record in our internal DNS and aliased the actual host name.
Now, we wanted to force clients to only use HTTPS when connecting to SSRS, so I needed to get a certificate issued and installed and setup bindings. Since this is for internal use and we have an Enterprise CA deployed, it was just a matter of requesting a certificate, except that I couldn't request a certificate based on the Web Server properties via the Computer certificate store.
Certificate Templates on my Enterprise Certificate Authority |
A quick hop over the the CA to adjust the security permissions to add Domain Computers for enrollment and I could request what I needed.
Adjusting security permissions for enrollment |
And now I can finally get what I need:
Initiate a certificate request from the local Computer certificate store |
Selecting a Web Server certificate |
Adding my CNAME and SANs |
No comments:
Post a Comment