Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

CSA MC 6 - How can I create an SSL Certificate that points to a name other than the hostname?

I have just installed CSA MC 6.0.2.  My company has a bunch of customer's that are on different domains.  We are all linked through VPN tunnels and would like to have all the agents point to a specific URL for updates rather than the hostname of the machine.

FQDN:                    testserver.abc123.internal

URL:                       thisserver.abc123.com

We already have everything setup so that the clients can reach thisserver.abc123.com but I need to create a certificate with this name without changing the server's hostname.  We also don't wnat update their host files.  Any ideas?

If anyone could help I would greatly appreciate it as we're looking to start upgrading the agents on all servers ASAP.

Thank you,

Cory

2 REPLIES
Cisco Employee

Re: CSA MC 6 - How can I create an SSL Certificate that points t

Cory;

  Unfortunately there is no supported method to generate a different SSL certificate for the MC.  The one option is to change the MC's hostname (and update the certificats/database and existing agent systems), but you indicated you do not want to perform that action.

Scott

Blue

Re: CSA MC 6 - How can I create an SSL Certificate that points t

What about putting the CSAMC in your DMZ and allowing those ports through your firewall?

The nice thing is it allows hosts to communicate with the MC no matter where they are.

You'd have to open up 80 to the MC for software updates but we haven't had any problems in 6 years with that setup.

Tom

735
Views
0
Helpful
2
Replies
CreatePlease to create content