I have SQL Server 2012 set up on an Azure VM running Windows Server 2008 R2. I want all traffic through to my SQL Server encrypted. I understand how this is done, but seem to have a problem with the way the VM name is resolved.
In order to set up encrypted connections, among other things the certificate needs to have a CN=the server name. To test the setup I added the CA role to the VM and created a self-signed certificate, then added this to the "Protocols for MSSQLSERVER" in the SQL Configuration Manager. I connected through using encryption OK on the actual VM using SSMS. I then exported the certificate and installed it on a client workstation to test. Connecting from SSMS gave an error indicating the CN setting was incorrect, i.e. it had the wrong name.
Assuming my server is called "MyServer" - inspecting the certificate shows the CN was set to "MyServer". Of course - from the client's perspective it really needed to be "MyServer.CloudApp.Net" - which I think is where things fall over.
Checking on the VM - it does not seem to have an awareness of "MyServer.CloudApp.Net"; using RDC to log on, then pinging itself using "MyServer.CloudApp.Net"... or trying to connect to any resources using that name fails. This makes sense I suppose as the "CloudApp.Net" part of the server's name is a construct of the Cloud Service that hosts it. This being the case, the SQL Server on the VM will not be able to use a certificate with the subject CN="MyServer.CloudApp.Net".
So my question is: how can I get my VM to recognize itself as "MyServer.CloudApp.Net", and if this is not possible, how can I get SQL Server connection encryption working through the VM?
Thanks in advance for your help with this.
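
The name mismatch described above, as an added example that is not part of the original post: a generic TLS-style host name check run against the names from the question. It is an illustration, not the validation code of SQL Server or SSMS; the function names are hypothetical, and honouring subject alternative names is an assumption about the client.

```python
# Added illustration: generic TLS-style host name matching.
# Assumption: not SQL Server's or SSMS's own code; function names are hypothetical.

def name_matches(presented: str, dialed: str) -> bool:
    """Compare one name from the certificate with the host name the client dialed."""
    p = presented.rstrip(".").lower().split(".")
    d = dialed.rstrip(".").lower().split(".")
    if len(p) != len(d):
        return False          # "MyServer" can never cover "MyServer.CloudApp.Net"
    # A wildcard is honoured only as the whole left-most label of a 3+ label name.
    if p[0] == "*" and len(p) >= 3:
        return d[0] != "" and p[1:] == d[1:]
    return p == d             # DNS names compare case-insensitively


def cert_matches(subject_cn: str, san_dns: list, dialed: str) -> bool:
    """SAN dNSName entries take precedence; the CN is used only when there are none.

    Assumption: the client reads SAN entries. A client that only reads the
    subject CN behaves as if san_dns were empty.
    """
    names = san_dns if san_dns else [subject_cn]
    return any(name_matches(n, dialed) for n in names)


def report(cases):
    """Return one (cn, sans, dialed, verdict) row per case."""
    return [(cn, sans, host, "ok" if cert_matches(cn, sans, host) else "name mismatch")
            for cn, sans, host in cases]


if __name__ == "__main__":
    # Constructed cases using the names from the question.
    cases = [
        ("MyServer", [], "MyServer"),                         # SSMS on the VM itself
        ("MyServer", [], "MyServer.CloudApp.Net"),            # SSMS on the workstation
        ("MyServer.CloudApp.Net", [], "myserver.cloudapp.net"),
        ("MyServer", ["MyServer", "MyServer.CloudApp.Net"], "MyServer.CloudApp.Net"),
    ]
    for row in report(cases):
        print(row)
```

The check runs entirely on the connecting side, against the name that side used to reach the server.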