Cerating SSL certificates for the management interfaces on an IronPort C360.
First, make sure your CA is configured to accept SAN attributes in a request. To do so, login to your CA and do the following:
certutil -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2
net stop certsvc
net start certsvc
Browse to http://<servername>/certsrv and fill out the form, accepting most defaults. Change the following:
Check the box for “Mark keys as exportable”
In the attributes box, add the SAN attributes in the following format:
Submit and install the certificate. Find it, and export it to a .PFX file. Assign a password at the time of export. Then, import the PFX into the IronPort server, and assign that certificate to the management interface.