What is an Intranet SSL Certificate?
An Intranet SSL certificate is a Private/non-Public SSL (TLS) Certificate issued by SecureNT. Technically, it is similar to the SSL certificates issued by Public CAs (like DigiCert, GlobalSign, Entrust, Sectigo, or Let’s Encrypt) but it is used on internal networks or private sites.
Thus, the Intranet SSL certificate is installed on the servers of an internal private network. After installation, whenever a user (client PC) on a local network connects to this server using a browser, all data flowing between the client PC and the server is encrypted and no one can read it, even with snooping tools. Thus, confidential data and passwords flowing on the internal network remain secure from unauthorized users and even hackers.
Please note that the Intranet SSL certificate’s root certificate chain is not trusted by default on popular browsers like Chrome, Edge, Internet Explorer, Safari, Firefox, etc. This means that unless certain steps are taken, a client PC will get a “certificate not trusted” error when a user uses a web browser to access a website hosted on a Server with Intranet SSL. But these steps need to be taken once only. After those steps are taken, the client PC will always trust the Intranet SSL certificate.
Then why use an Intranet SSL on Internal Network Servers?
CA/Browser Forum (CA/B), the regulatory body that governs the SSL industry, does not allow Public CAs to issue Public SSL Certificates to Private Internal Networks covered under IETF RFC 1918.
So, internal/private Servers have to use SSL Certificates from non-public CAs or Self-Signed Certificates. Of course, some of these Public CAs do issue Intranet/non-Public SSL Certificates using non-Public Root Certificates. SecureNT Intranet SSL does the same but offers it quickly and at a much more attractive price.
But, what to do if the Client browser gives an error while accessing Servers with Intranet SSL?
Windows PCs and Macs having SecureNT Intranet SSL root certificate chain added to their operating system’s certificate store will automatically trust the server and users will not know the difference.
For this, two Intranet Root Certificates need to be installed once, on to each of the Windows client PC. On a Mac, customers will need to open Keychain Manager and explicitly trust each of the two root certificates. To automate installation of root certificates on multiple machines, one can use Microsoft’s Group Policy for PCs; and Parallel’s Device Management for Macs. Click here to find the installation details.
Firefox does not use the operating system’s certificate store for storing the root certificates. So, root certificate chain is added differently. Read this article for details.
Types of Intranet SSL Certificates offered by SecureNT
SecureNT Intranet SSL Certificate – Single Domain secures an Intranet Server’s Local Host Name, Server Name, internal/public IP Address, or Web page URL using Secure HTTPS protocol.
Certificates are valid for a period ranging from 1 to 10 years. One can install the certificate on unlimited servers. We offer a 90-day Free Single Domain Certificate.
SecureNT Intranet SSL Certificate – Multi-Domain (1 + 4 SAN) secures an Intranet Server’s Local Host Name, Server Name, internal/public IP Address, or Web page URL plus 4 SAN values using Secure HTTPS protocol. In case you wish to secure more than 1+4 SAN, then you will have to purchase additional SANs in multiples of 5 SAN values. There is no limit to SAN values.
What is a Multi-Domain (also known as SAN) Certificate?
A Multi-Domain (or Subject Alternative Name-SAN) certificate can support multiple domains, server names, IP Addresses with a domain. These certificates are more flexible than Wildcard certificates since they are not limited to a single domain.
Note: Only non-Wildcard names can be added as SAN.
Certificates are valid for a period ranging from 1 to 10 years. One can install the certificate on unlimited servers. We offer a 30-day Free Multi-Domain Certificate.
SecureNT Intranet SSL Certificate – Wildcard secures an Intranet Server’s Server Name or Web page URL and all sub-domains using Secure HTTPS protocol.
What is a Wildcard Certificate?
A Wildcard certificate is a single certificate with a wildcard character (* – star) in the domain name field. This allows the certificate to secure multiple subdomain names of the same base domain.
For example, a wildcard certificate for *.(domainname).com, could be used for www.(domainname).com, mail.(domainname).com, blog.(domainname).com, etc. Also, a special case of (domainname).com is also secured.
Certificates are valid for a period ranging from 1 to 10 years. One can install the certificate on unlimited servers. We offer a 30-day Free Wildcard Certificate.