is it possible to make tickets and SSO work when the domain in the certificate signing request is different from the webserver name of the K1 appliance?
Hello my people.
I have an issue with the k1 I need help with.
In summary...... let say for example my k1 is named...... "myk1.company.com".
Our ADDS domain is "company.com".
Everything was working fine. Tickets were ok..... (ticket notification emails were ok with URLs to the
tickets showing "myk1.company.com/userui/ticket?ID=153258")
SSO was also enabled and working fine. K1 was joined to company.com.
Now the issue started when management wanted to enable SSL for external clients
over the internet. Also they wanted the clients to login with Support.help.com.
(This is more user-friendly to our poor clients......).
So in the SSL certificate for I created a cert signing request using Support.help.com.
We've purchased a third-party cert for Support.help.com , the certificate has been
uploaded to the k1 and SSL enabled.
Now comes the issue, Ticket links within emails no longer work. The url...myk1.company.com/userui/ticket?ID=153258
will no longer work. I assume because the link is generated from the k1 webserver name which is "myk1.company.com",
while SSL is waiting for "Support.help.com/userui/ticket?ID=153258". So certificate errors are being thrown about.
SSO is also not working anymore. Using the new Support.help.com requests a login from users.
While using the old myk1.company.com logs in automatically with SSO but also throws a certificate error.
So the question is... is it possible to make tickets and SSO work when the domain in the certificate signing
request is different from the webserver name of the K1 appliance.
If I understand correctly the reported issue, you may be able to solve this in DNS.
DNS has CNAME records (a.k.a. aliases) which is a name pointing to another name. The translation from name to name to IP all happens in the background and your browser only cares about the initial name. The certificate name must match what the user entered in the browser.