Hjælp

SSL-certifikater Hjælp

Can I request a certificate for an intranet name or IP address?

No - we no longer accept certificate requests for either intranet names or IP addresses. This is an industry-wide standard, not one specific to GoDaddy.

Here are example of the types of "common names" you cannot request certificates for:

Type Eksempel:
Intranet server1, mail, server2.local
IPv4 192.1.2.3
IPv6 fe80:4:6c:8c74:0000:5efe:109.21

Why does this policy exist?

For at oprette et onlinemiljø, som er mere sikkert, mødtes Certificate Authorities Browser Forum for at definere implementeringsretningslinjer for SSL-certifikater. Som følge deraf skal Nøglecentre (CA) pr. 1.10.2016 tilbagekalde SSL-certifikater, som bruger intranetnavne eller IP-adresser.

In short, this policy increases security. Because internal server names are not unique, they are vulnerable to man-in-the-middle (MITM) attacks. In a MITM attack, the attacker uses a copy of the real certificate or a duplicate certificate to intercept and retransmit messages. Because CAs issue multiple certificates for the same internal name, an attacker can make a valid request for a duplicate certificate and use it for the MITM.

Klik her for at læse retningslinjerne for Nøglecenter/Browser Forum.

What are my alternatives if I want to use an IP address?

Instead of securing IP addresses and intranet names, you should reconfigure servers to use Fully Qualified Domain Names (FQDNs), such as www.coolexample.com.

After configuring a FQDN to point to your IP address, you can generate a CSR for the domain name, and then request your certificate.

Næste trin


Hjalp denne artikel?
Tak for din feedback. Benyt telefonnummeret til support eller chat-funktionen ovenfor, hvis du vil tale med en kundeservicerepræsentant.
Det glæder os, at vi kunne hjælpe! Er der andet, vi kan gøre for dig?
Beklager. Fortæl os, hvad du fandt forvirrende, eller hvorfor løsningen ikke løste dit problem.