I have a SQL Server 2012 R2 running on a development server. This database must be available for intranet and internet, due to operational requisites.
My server is named museum01.company.intra, and has an alias for responding to mssql.company.intra. At internet, it is named mssql.company.com.br, and I also have an alias to map this name to museum01.company.intra.
When I enable SSL, using a certificate with a subject museum01.company.intra, the connections using aliases are refused. As the internet connections are important for my business, I decide to create a certificate with subject mssql.company.com.br, and use
aliases for intranet, but when I configure that, the server does not start because the hostname does no match subject name.
The ideal solution would be to force SSL connection over Internet, and allow clear connections only in intranet. Is it possible?
If not, how can I do to allow the server to startup using a certificate with a principal name that do not match the hostname? Of course I cannot rename the server due to my domain name and naming standards.
