David, Using FQDN certificates is the recommended method and it works great. If you do need to change the IP address on the boxes, all you need to do is change a DNS record and the certificate still works. If you are setting up fail-over pairs, then FQDN certificates are the only ones you can use. If you do use an IP cert and switch to FQDN you need to obtain all new certificates.
Doug DOUGLAS R. COOPER Systems Administrator, CCNA Information Technology Services Trinity University 210-999-7437 (w) 210-643-8811 (m) [email protected] http://www.trinity.edu/ On Thu, Apr 8, 2010 at 1:53 PM, David Pifer <[email protected]>wrote: > I am in the process of creating new servers and getting Certificates for > the servers. Is there any known gotcha using the FQDN over the IP addresses > for the Certificates? Also if I setup it all up boxes with IP addresses, > will it be a real hassle to convert to FQDN to apply the certificates? > > > > > > > > David L. Pifer - N9YNF - CCNA > > TIS Network Engineering Services > Indiana State University, Office of Information Technology > 210 N. 7th St., Rankin Hall R044, Terre Haute, IN 47809 > 812.237.2923 office 812.237.4361 fax > > [image: CCNA] > > * * > > *Indiana State University and the Office of Information Technology would > like for you to know: > *** > This email, and any attachments, thereto, is intended only for use by the > addressee(s) named* > > *herein and may contain privileged and/or confidential information. If > you are not the intended* > > *recipient of this email, you are hereby notified that any dissemination, > distribution or copying of* > > *this email, and any attachments thereto, is strictly prohibited. > *** > A full disclosure of ISU and OIT Official Computing Policies and Procedures > is available at* > > *http://www.indstate.edu/oit/official_docs/compolicy.html<http://web.indstate.edu/oit/official_docs/compolicy.html> > *** * > > > > >
<<image001.jpg>>
