I'm in the process of purchasing an AMT provisioning certificate from VeriSign and when generating the CSR on the SCCM server which the OOB Management point is installed on, one of the field require that you enter the Common Name for the certificte. Reviewing a number of articles the common name should consist of the hostname + domain name (FQDN) which is the internal FQDN of the server.
However, when requesting a certifcate from VeriSign I'm not able to do so and VeriSign informend me that they do not provide certificates for internal domains anymore. The only solutions they've provided me with are:
1. use the hostname + public domain name for the common name and add the internal IP address of the server as a Subject Alternative Name
2. use the hostname + public domain name for the common name, however this will required that the public DNS zone is configured on your internal DNS servers and a host record created for this server.
Has anyone come across this problem and do anyone have any suggestions please. Also, unfortunately I can only use VeriSign and none of the other providers.
Any suggestions will be greatly appreciated.