Converting EV to SSL- common name query

Dear All,

We would like to convert to SSL.  (Port 80 to 443)

We have 3 EV servers includes –dedicated for Journal archiving

3 EV servers – Mailbox archiving and File system archiving

1 Server –SQL

There are 7 service group in VCS, Enterprise vault service group is configured in n+1 VCS cluster i.e we have two failover node for each Enterprise vault server

EV version-EV 11.0.1

SQL-2012 sp-1

Exchange 2013

 

I have refer HOWTO83452 guide however want to know 

 

Do we need certificate on all EV servers including journal archiving? Also I have to generate certificate for DR server as well?

 

Please let me know what is Common name indicates here? it is aliase name of each EV server or computer name or EV Site name?

 

Also what is DNS indicates here? (attached screeshot)

 

2 Replies

Re: Converting EV to SSL- common name query

First of it is important to understand your requirement for going SSL. Smiley Happy This is the starting point to answer your queries. 

1. Do we need certificate on all EV servers including journal archiving? Also I have to generate certificate for DR server as well?

You would require certificate to be applied on all EV servers, but you dont need 3 certificates for that. Basically you need to bind the same certificate with the EV alias on each server.

It will be required on the DR server as well in case you run EV from DR server, the SSL communication would require certificate for comunication.

2. Please let me know what is Common name indicates here? it is aliase name of each EV server or computer name or EV Site name?

The explaination from document is clear. Common name is the EV servername. So while adding Common name, add all three EV servers in there. 

Also what is DNS indicates here? (attached screeshot)

Domain name is the External namespace for DNS. This is the DNS name for accessing your EV from outside. This is used while connecting using OWA from outside corporate network.

If you have more than one external namespace, add all of them.

Highlighted

Re: Converting EV to SSL- common name query

Thanks for your response.

Yesterday I have provided the certificate request to our windows team however the question raised by the team is what needs to be provide in CN name (attached screen shot) while generate the certificte.

They have given me the example of exchange server as they have provided Exchange server owa url in front of CN name according to them  EV server should be accessiable from this url

It seems we have to provide the EV url name here however I am worried here as when I have check my few users which resides on EV1 access http:\\ev1\enterprisevault\search and EV2 user acces http:\\ev2\enterprise vault\search and for EV3 http:\\ev3\enterprisevault\search

Which url I have to provide them?

We just want to convert http to https for internal use only. We are not going to publish our EV url as we have decided to provide EV access through VPN while accessing from outside.

How I bind the same certificate with the EV alias on each server.?

Please guide me.