[openssl-users] Non-self-signed SSL certificates for private hosted DNS zones
Traiano Welcome
traiano at gmail.com
Tue Mar 7 07:21:54 UTC 2017
Hi List
I have a private DNS zone hosted on AWS route 53, only resolvable from
within some specific VPCs.
It appears some applications require an SSL certificate associated with the
private DNS zone, and this SSL certificate should come from a trusted,
external certificate provider (cannot be self-signed).
My questions are:
a) Is this a known use-case? i.e private dns zones requiring
non-self-signed certificates?
b) Since the DNS zone is not resolvable on the public internet, how would
the certificate validation process occur for applications communicating
with systems in the private zone ?
c) Do SSL certificate providers issue trusted SSL certificates for private
DNS zones?
Many thanks in advance for any advice here!
Traiano
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170307/abae1975/attachment.html>
More information about the openssl-users
mailing list