SSL Certificate Request Properties


  • Guys, I need some help filling out a SSL certificate request in Windows Certificates snap-in.  I need a basic SSL cert to encrypt SQL Server data in motion on a standalone SQL server in a domain.  Need help filling out Subject Name and Alternate Name properties.  I already have a procedure that I've used for cert requests for a AlwaysOn Availability Group cluster.  In that case, I fill out request as follows:

    Personal Store
    Create Custom Request
    Proceed without enrollment policy
    Template = CA Exchange
    Format = PKS#10
    Subject name: Type =  Common Name, Value = <FQDN of the cluster node>
    Alternate name: Type = DNS, Value = <FQDN of the AG listener>

    But for a standalone SQL server, what should the Common Name and DNS Name be?:

    Subject name: Type =  Common Name, Value = <?>
    Alternate name: Type = DNS, Value = <?>

    Should both be the FQDN, or should one or the other just be Netbios host name?


    Thursday, June 14, 2018 3:13 PM