SSL certificates can be used in many areas, including internal server encryption.
On the back-end, database servers, CRM servers, application servers, backup servers, mail servers are some of the commonly used internal servers. Whether you have one or more servers, DigiCert SSL has a solution to encrypt all of them.
See below on a full range of products that is compatible with internal servers:
SSL Plus Certificates
SSL Certificate that secures a single-name, with and without the ‘www’ suffix
Extended Validation (EV) Certificates secure a single domain name and comes with an added feature of displaying the organization’s name on the address bar.
Multi-Domain (SAN) Certificates
Unified Communications (UC) Certificates i.e multi-domain certificates can secure up to 25 different domains as Subject Alternative Names (SANS). The base price includes 4 domains with the others to be purchased separately.
EV Multi-Domain Certificates
EV Multi-Domain Certificates are for those who wish to secure multiple domains with the green bar of assurance. Similar to UC Certificate, but better.
Wildcard SSL Certificates
Wildcard SSL Certificate uses Subject Alternative Names (SANs) to secure a domain and multiple subdomains.
All publicly trusted SSL Certificates issued to internal names and reserved IP addresses will expire before November 1, 2015. Certificate Authorities (CAs) will have to revoke any certificates containing internal names by October 2016.
What is an Internal Name?
An internal name is a domain or IP address that is part of a private network. Common examples of internal names are:
- Any server names with a non-public domain name suffix. For example, www.business.local or server1.business.internal.
- NetBIOS names or short hostnames, anything without a public domain. For example, Web1, ExchCAS1, or Frodo.
- Any IPv4 address in the RFC 1918 range.
- Any IPv6 address in the RFC 4193 range.
What does this mean for you?
If you are a server admin using internal names, you need to either reconfigure those servers to use a public name or switch to a certificate issued by an internal CA before the 2015 cutoff date. All internal connections that require a publicly-trusted certificate must be done through names that are public and verifiable (it does not matter if those services are publicly accessible).
Please note that in June 2011, ICANN approved the New Generic Top-Level Domain Program (gTLD) which allows organizations, individuals, and governments to apply for top-level namespaces. This will affect many SSL Certificates for internal names before the internal name cutoff date.