IntranetSSL

SSL Certificates for internal server names, reserved IP addresses & domain names.

IntranetSSL provides a cost effective solution to secure internal servers, applications, and IP addresses that do not require public trust yet want to benefit from SSL encryption. With IntranetSSL, enterprises receive the same high level of security and certificate features of publicly trusted SSL Certificates, but the certificates are issued using GlobalSign non-public CAs.

Beginning 1 November, 2015, the CA/Browser Forum will prohibit the use of internal server names and reserved IP addresses in publicly-trusted SSL Certificates.  This means if you normally receive SSL Certificates from a public CA (such as GlobalSign), you won't be able to use their certificates for internal server names any more. IntranetSSL from GlobalSign allows enterprises to continue to issue SSL to internal server names and reserved IP addresses without the need to run your own CA or use self-signed certificates because the certificate are issued using GlobalSign's non-public CAs.

Why use IntranetSSL?

  • Beginning 1 November, 2015, the CA/Browser Forum will prohibit the use of internal server names and reserved IP addresses in publicly-trusted SSL Certificates

  • Continue issuing SSL Certificates containing internal server names and reserved IP addresses without the need to run your own in-house CA or use self-signed certificates

  • Secure internally used domain names and servers that do not require public trust

  • Issue certificates with options which would otherwise not be permitted under public hierarchies including the use of SHA-1 and 4-5 year certificates.

  • Utilize GlobalSign's WebTrust-certified infrastructure and management tools to discover, track, report, and manage all certificates across a dynamic server inventory

IntranetSSL Certificate Key Features

Secure RSA 2048 bit and ECC 256 bit hierarchies
Flexible signing algorithm choices of SHA-1 or SHA-256
Reissue as many times as needed during the validity period.
Secures up to 100 SANs including internal server names, domain names, subdomains, wildcard and IP addresses
Instant issuance from GlobalSign's certificate management platform
Support for longer validity periods than what is permitted under public roots
Optional AutoCSR - we'll create the keys and CSR for you
Unlimited server licensing- install across as many servers as you wish

How can IntranetSSL be used?

IntranetSSL supports the issuance of SSL Certificates with Internal Server Names and Reserved IP addresses in the CN and SAN values; furthermore, mix and match internal, FQDNs, sub-domains, wildcard, and Global IP addresses in one certificate using a single certificate under a non-public GlobalSign root.

  • Internal Server Names
    (mail)

  • Local Host Names (mysite.localhost)

  • Reserved IP Address (192.168.0.0)

  • Fully Qualified Domain Name (www.mysite.com)

  • Sub-Domains (mail.mysite.com)

  • Wildcard (*.mysite.com)

  • Global IP Address (128.255.0.1)

Diagram Arrow

private-ssl.jpg

Comprehensive Certificate Management

IntranetSSL Certificates are issued directly from GlobalSign's Managed PKI Service providing enterprises the same robust certificate management lifecycle features as publicly trusted SSL Certificates but issued using GlobalSign's non-public CAs. Manage your publicly trusted and privately trusted SSL Certificates all within one single platform.

Benefits of GlobalSign's Managed PKI platform:

  • Cloud-based certificate management platform reduces the effort, cost, and time associated
    with managing multiple SSL Certificates.

  • Support for multiple entities under one account and delegated user administrator offer complete, centralized control of certificate needs across your entire organization.

  • High capacity and highly available OCSP services

  • Local scanning and discovery tools to discover and track your internal servers that need IntranetSSL certificates

  • Fully automated issuance via our APIs

GlobalSign gives you all the tools, services, and SSL products to reduce risk, respond to threats and control SSL cost. Take control of your SSL management with GlobalSign today!

Next Steps

Contact us today to start securing your internal server names!