[SOLVED] Public IP for Windows Server?

[rrreed]

Hello all! I'm stuck on a little issue while trying to get an SSL certificate for one of my servers. I need to get an SSL certificate for its IP because I have a public service that I run from it that is accessed from my website. In order to access this service at the moment, the user is sent to our routers public IP and then that uses the port number to forward them to the service. So you would see this (http://66.188.37.222:35855) in the browser's search bar. In order for the company that is selling us the SSL cert to authenticate that we control the server, they need us to place a file on our server so they can ping it. Unfortunately the IP address belongs to the router. Do I have any options for getting them directly into our server? Thank you for any and all information you can provide on this topic!

 

[kanewolf]

Have you purchased multiple public IP addresses from your ISP ?
Your router needs one and your server needs a different one. If you have multiple public IP addresses, then you would use a switch between the modem and router. Put the public interface for the host on that switch.

 

[bill001g]

This is partially why people host servers rather than trying to run themselves anymore. IP addresses are hard to come by.

So a non standard thing that works but I am unsure if SSL will detect this hack.

Place a second router in between your main router and the server. On the wan side assign it a ip from your lan and port forward your main router to it or if you want use DMZ.'

Now in the second router assign a small subnet that contains the public IP to the lan. What you are doing is in effect stealing the complete block of IP that has you public address. Since it is only used on the lan it will not hurt anything on the internet. You then assign the sever the actual IP and point it to the gateway on your second router. You will need a dmz or port forwarding option on this router also pointing to the actual server.

This is generally works because the nothing seems to check for duplicate IP in the path. I have never tried it with a SSL certificate though but I can't see how it would know you were doing that.

The problems this causes is any IP you duplicate will be unreachable on the internet. May not matter but you may have to adjust the subnet mask if there are other ip close you need. The second will be device in your main lan will have issues getting to this server. It may or may not work to use the public ip this all depends on a feature called hairpin on the primary router.

 

[jrazor247]

I will just comment that my AC got very cold while reading this thread.