How to make an SSL certificate for a private network?

B

Benedictus2021-04-21 11:31:11

Digital certificates

Benedictus, 2021-04-21 11:31:11

Good afternoon.

Colleagues, tell me about this issue. I have a subdomain test.company.ru which resolves in a private network on a private DNS server. The name test.company.ru is assigned to an HTTPS Web server, to which clients must access via a private network.

As far as I understand, there is a ban on issuing certificates for the .local domain, but it is not very clear with the issuance of certificates for other public domains that will be located in private addressing.

Actually, the question is, is it possible to order an SSL certificate for a web server named test.company.ru so that the browser does not swear at security when coming from test.company.ru?

PS
We have an SSL certificate for the company.ru domain, and, as I understand it, it is wildecard, since it is designated as *.company.ru in the certificate?

PPS
A self-signed certificate will not work, since we do not have access to client machines to certify it.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

K

ky0, 2021-04-21
@Benedictus

If there is a valid wildcard certificate for the domain, it does not matter whether it opens at an external address or a local one. Just use it in the web server configs and everything will work.
In general, nothing prevents you from issuing certificates for your internal domains, say, through Let`s Encrypt. If you do not want to add A-records for them on public NS-servers, then wildcard is the most optimal solution.