Q&A from the SSL Webinar

Here is the Q&A from the just-completed SSL on SBS 2008 webinar. Not many questions, so we either did a good job of covering the material in the webcast, or we had a lot of sleepy attendees!

Question: What is the URL for that blog post?
Answer: http://sbs.seandaniel.com/2009/02/installing-godaddy-standard-ssl.html
Question: this is great. We get to see reality.
Private Answer: Welcome to the real world
Question: Yup
Answer: Sometimes you’re the windshield.
Question: i had a customer order SSL cert from GoDaddy for their SBS box. Then they wanted to install a SSL cert to their Calyptix betwork/firewall box, which does not support the intermediate cert. Is their any problems with going to a different cert provider to get a second, different SSL cert for the same public domain name?
Answer: For devices with out the ability to add additional intermediate certs, it would be best to go with another trusted provider like Verisign
Question: Can I move a cert from a SBS2003 that I am decommissioning?
Answer: If the certificate provider allows you to re-key the certificate to your new server, then yes.
Question: Are there any recommended vendors for the SSL certs that people have used and feel they did a good job for the price?
Answer: We’ve used Dotster which issues a Thawte cert (so no intermediate cert needed). Only issues with them is making sure your domain registration is correct (no ex-employees as admin or techinical contact), but that’s the same with any SSL certificate provider.
Question: the certificate renewal process… how much effort is required each year on an annual renewal? Can it be disruptive to business?
Answer: You will need to load the certificate into any devices that required manually installation the first time around.
Question: We use two static IPs for autofailover. SSL certs works well. We use DynDNS now, used to use dns made easy. We use our domain name. Our GoDaddy Cert works fine without the itermediate cert, since GoDaddy is not a top level cert auth.
Answer: Good info. Any issues with Windows Mobile devices?
Question: Even with a paid cert, don’t I still have an issue using dyndns? since my cert if for domainname.net and using dyndns makes it domainname.dyndns.org
Answer: The certificate has to be assigned to your domain, not to dyndns.org. there’s an additional service you need to purchase from them to make that happen.
Question: ENOM have a very good cert for SBS
Answer: Good to know.
Question: Yes, I know I need to go with a different provider. But when you request a cert, it asks if you are using IIS or Apache. So we already have the GoDaddy cert for IIS, and now we want to get a cert for an Apache (Calyptix box) with the same public domain name.
Answer: Yes you can do that.
Question: I notice that this presentation is # 6. Are the previous presentations available to be viewed? If so, where?
Answer: http://www.thirdtier.net/store
Question: No with Win Moblie 6. No old stuff.
Answer: Thanks for that!
Question: Is it difficult to add an SSL cert to a website in SBS 2008 that isn’t part of the “package” SBS install?
Answer: Amy is answering this live.
Question: how do I get on the other session?
Answer: http://www.thirdtier.net/store/
Question: thanks
Answer: np
Question: one cert per ip address right?
Answer: yes
Question: Great info, thanks
Answer: thanks for attending!