I can create a public certificate with name *.srdr.trade in ACM. But while trying to obtain a certificate with name *.trade, this gives an error invalid domain name. is there any way that I can obtain this kind of certificate, any work around possible? actually i want to use below domain names with https.
srdr.trade
dev.srdr.trade
stage.srdr.trade
Never mind, If I put below two in ACM dns name, that works for me.
*.srdr.trade
srdr.trade
Related
i am facing issues in SSRS configuration:
A. i have two domain URL (https://xyz.domain1.com) and (ttps://abc.domain2.com).
B. i have certificate for each domain like
xyz.domain1.com - certificate one (*.domain1.com) -- 443
abc.domain2.com - 2nd certificate (*.domain2.com) -- 443
C. In SSRS - i have one virtual directory in web service URL
SSRS-> Webservice URL -> virtual directory name : "Report Service"
[enter image description here][1]
D. in advance setting
[enter image description here][2]
E. in Report manager URL, i am trying to bind two 443 domain but i cannot
while i bind both url and port 443 then i got this error
Microsoft.ReportingServices.WmiProvider.WMIProviderException: An SSL binding already exists for the specified IP address and port combination. The existing binding uses a different certificate from the current request. Only one certificate can be used for each IP address and port combination. To correct the problem, either use the same certificate as the existing binding, or remove the existing SSL binding and create a new binding using the certificate of the current request.
Question:
now i need to connect my report server using two different URL and unique SSL certificate each URL.
But i cant bind this two urls using 443 to connect report server.
I can bind one url and certificate then its working for one URL only.
How do i bind two URLS and certificate to one report server and make it work for two URL's
please help on this issue.
I suggest you try ignoring the error on the first URL ('Web Service URL') and proceed to bind the certs to the 'Report Manager URL' as well. You may have to manually edit the bindings in Advanced Settings, but once you get them looking right in Advanced Settings, SSRS should work.
And a second suggestion, though it looks like you already have done this: be sure the common name (CN) for the wildcard certs are *.domain1.com and *.domain2.com. SSRS will only accept host names that match the CN, and in your case, where you're binding 2 certs to same port, the CNs must be different.
Here's a related point for anyone trying to make the multiple hosts in a single subdomain case work: e.g, https://foo.localdomain/reports and https://bar.localdomain/reports.
Request your SSL cert with Common Name (CN) = *, not the server name or anything specific. Then list all the permutations of DNS names that you want to support in the Subject Alternate Name (SAN) field. The url looks funny in SSRS Configuration Manager (https:+:443), but it Works on the Wire(tm).
If you specify some non-wildcard for the CN, you'll get 'resource not found' error tryng to connect, although the SSL handshake will work.
To achieve the objective you need a Multi-Domain SSL or Wildcard SSL certificate, for example:
Multi-Domain SSL(Multiple Domains)
xyz.domain1.com
abc.domain2.com
Wildcard SSL(Sub-domains)
xyz.domain1.com
abc.domain1.com
Reference:
Multiple Domain (UCC) SSL
Secure multiple domains and
sub-domains on one certificate
I like to know how i could park .tk domain on openshift .
i have made an alliance for my :
diy-phpfm4nginx.rhcloud.com domain in openshfit console.
i enterde my-domain.tk as alias in .tk and set tk CNAME setting like bellow:
nothing(i mean i have placed it empty!) ---> CNMAE----TTL=14440,Target=my-domain.rhcloud.com
www---> CNMAE----TTL=14440,Target=my-domain.rhcloud.com
you could see page images in:
http://oi61.tinypic.com/33c0ytj.jpg
and it works. so in openshift sites they have advised to use domain forwarding because they said : only "www." would work,but "http://" would not work for .tk domains work. SO have it is possible when it worked form me.
if you like , you could look at the :
Try using domain forwarding instead. Reason being, you are able to
use CNAME records for www.yourdomain.tk, but not for yourdomain.tk
since the service doesn't allow it.
i like to know am i misunderstand CNAME setting, or i am Right.
Finally ( inside of .tk naked domain ability ) i found some 3d redirect part for redirecting naked domain to www. domain you could see more details here:
http://wwwizer.com/naked-domain-redirect
thanks a lot for your attention.
Anyway from reading your question and i think you wanted to achieve
nothing.com ---> my-domain.rhcloud.com
For the above case (naked domain) === you either need to use Domain Forwarding or find a DNS provider that allows "Naked" CName records.
for the sub domain like www.nothing.com set rhc alias add will work for you.
What is the "official" url I should use if I want to indicate just a resource that fails as soon as possible?
I don't want to use www.example.com since its an actual site that accepts and responds requests and I don't want something that takes forever and fails from a timeout (like typing using a random, private IP address can lead to).
I thought about writing an invalid address or just some random text but I figured it wouldn't look as nice and clear as "www.example.com" is.
If you want an invalid IP, trying using 0.0.0.0.
The first octet of an IP cannot be 0, so 0.0.0.0 to 0.255.255.255 will be invalid.
For more info, see this question: what is a good invalid IP address to use for unit tests?
https://www.rfc-editor.org/rfc/rfc5735:
192.0.2.0/24 - This block is assigned as "TEST-NET-1" for use in documentation and example code. It is often used in conjunction with domain names example.com or example.net in vendor and protocol documentation. As described in [RFC5737], addresses within this block do not legitimately appear on the public Internet and can be used without any coordination with IANA or an Internet registry. See[RFC1166].
Use .invalid, as per RFC 6761:
The domain "invalid." and any names falling within ".invalid." are special [...] Users MAY assume that queries for "invalid" names will always return NXDOMAIN responses.
So a request for https://foo.invalid/bar will always fail, assuming well-behaved DNS.
Related question: What is a guaranteed-unresolvable (but valid) URL?
if it's in a browser then about: is fairly useless - but it would be better if your service returned the correct HTTP status code - e.g. 200 = good, 404 = not found, etc.
http://en.wikipedia.org/wiki/List_of_HTTP_status_codes
Due to a limitation on our SMTP provder's side, we're having to use System.Web.Mail (deprecated), which is a wrapper around CDOSSYS.
Because we'd like to avoid having to change multiple configurations if we switch providers at a later date, we set up an internal alias for our providers FQDN.
So, mailrelay.ourdomain.com -> mailrelay.provider.com.
When I try to connect to either our alias or the provider's IP, a COM error bubbles up: "The transport failed to connect to the server." If I connect to the provider's true FQDN, everything works as expected.
I've looked in Wireshark, and I can see the certificate being requested, but not much happens after that.
I'm wondering if anyone knows if CDOSSYS checks to make sure the requested host name matches the FQDN on the certificate and fails if it doesn't match.
I've tried searching for an answer to this question, but I can't seem to find it.
I can't find a definitive answer, but from what I can tell, yes, CDOSYS does require a certification to match an SMTP server's FQDN when using SSL.
edit: more to the address than I had given in the example. It has a subfolder?? https://some_external_website.com/bh/public
Is it correct to say that xxx is a subdomain of yyy.com written as xxx.yyy.com
email I sent to the BIG IT dept: names changed to protect the innocent
Additional Info:Please create an entry that will map the subdomain xxx.yyy.com to https://some_external_website.com/bh/public
this is an externally hosted web application. Please call me if you have any questions.
--end of message--
About an hour later I get a call because they don't know what I want, I was told that xxx is not a subdomain. The correct definition subdomain it would have to be xxx.www.yyy.com.
The first component of a "domain name" is always the hostname. We can view a domain name as consisting of a hostname followed by one or more domain components. Each domain component is a subdomain of the component to it's immediate right. In xxx.yyy.zzz, xxx is the hostname (typically of a single machine, unless some kind of load balancing is going on), and yyy is a sub-domain of the zzz top-level domain. Colloquially we usually refer to zzz as the top-level domian, yyy as "the domain", and all other names to the left (excluding leftmost which is the hostname) as sub-domains. I'll add the disclaimer that I am by no means a DNS expert but to the best of my knowledge this would be why they aren't understanding your question. The hostname is not a "domain" per-se, i.e. it defines a single machine rather than a group (domain) of machines.