Not sure where to post it, so I'm putting it here. I have several internal and external site that require SSL. I don't want to ahve to continue to purcahase UCC certs for these internal and external domains, so I want to find out about having my own SSL authorization system. I need to be able to authorize SSL certs for Intranet sites, and also Sites accessible from the internet. Need to also make sure that the certs don't error out, and are authorized. I called godaddy and network solutions trying to find answer, but can't seem to get anything other than a UCC. Any thought or ideas on what I can do?

If you use your own PKI infrastructure, that usually works well within the intranet. However, if you plan on exposing say a website externally, be default the external computers do not trust your certificates so their browsers will prompt with a warning indicating that the certificate is not trusted. That is why for external facing applications, you generally go with a trusted 3rd party certificate. Visit: anITKB.com, an IT Knowledge Base.

Internal sites are going to be fairly easy, since you can deploy a PKI using Active Directory Certificate Services and you can ensure through group policy that the CA cert (and any certs in the chain) is trusted for systems under your control. External sites are probably going to be a lot more work or a lot more money than simply buying the certs, but there are two main options, 1. Get an intermediate CA certificate from a provider who is willing to give you one for your CA (as the certs you issue will inherit the trust of the CAs above). 2. Become a root, http://social.technet.microsoft.com/wiki/contents/articles/introduction-to-the-microsoft-root-certificate-program.aspx -- Mike Burr