VSS KB Articles

How to Configure DNS on a Domain Controller with Two IP Addresses
7/12/2018
How to Configure DNS on a Domain Controller with Two IP Addresses; Configure DNS on a DC with two IP addresses


How to safeguard from the SWEET32
7/12/2018
How to safeguard from the SWEET32 Issue, CVE-2016-2183, Disable RC4 and 3DES on Windows Server


Redirect from HTTP to HTTPS using the IIS URL Rewrite module
2/12/2018
This is the most common requirement on most of the Exchange servers hosted on IIS. The server admins configure an http to https redirect.


Sonicwall disconnects from network every 10-15 minutes on Verizon FIOS
2/11/2018
ISP temporarily disabling port due to receiving excessive ARP requests from SonicWall. Here are the settings to resolve it.


Encrypting Connections to MS SQL Server
2/8/2018
If you want to use encryption with a failover cluster, you must install the server certificate with the fully qualified DNS name of the failover clustered instance on all nodes in the failover cluster. For example, if you have a two-node cluster...


    

1/9/2018
How to create Self-Signed Certificates for Hyper-V Replication

 How to create Self-Signed Certificates for Hyper-V Replication

Here is the quick and simple lowdown on how to create Self-Signed SSL Certificates for use in Hyper-V Replication. There is a great article on Technet which gives more background into this process – http://blogs.technet.com/b/virtualization/archive/2013/04/13/hyper-v-replica-certificate-based-authentication-makecert.aspx

You will need Makecert.EXE which can be found from http://msdn.microsoft.com/en-us/library/bfsktky3.aspx or here – http://msdn.microsoft.com/en-us/library/windows/desktop/aa386968(v=vs.85).aspx

On the First Server, in an elevated command prompt.

  1. Run makecert -pe -n “CN=FirstRootCA” -ss root -sr LocalMachine -sky signature -r “FirstRootCA.cer”
  2. Run makecert -pe -n “CN=[FQDN1]” -ss my -sr LocalMachine -sky exchange -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 -in “FirstRootCA” -is root -ir LocalMachine -sp “Microsoft RSA SChannel Cryptographic Provider” -sy 12 FirstServer.cer
  3. Copy SecondRootCA.cer from Second Hyper-V
  4. Run certutil -addstore -f Root “SecondRootCA.cer”
  5. Run reg add “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Replication” /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f

On the Second Server, in an elevated command prompt.

  1. Run makecert -pe -n “CN=SecondRootCA” -ss root -sr LocalMachine -sky signature -r “SecondRootCA.cer”
  2. Run makecert -pe -n “CN=[FQDN2]” -ss my -sr LocalMachine -sky exchange -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 -in “SecondRootCA” -is root -ir LocalMachine -sp “Microsoft RSA SChannel Cryptographic Provider” -sy 12 SecondServer.cer
  3. Copy FirstRootCA.cer from First Hyper-V
  4. Run certutil -addstore -f Root “FirstRootCA.cer”
  5. Run reg add “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Replication” /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f

Then you can use these certificates in Hyper-V replication. The steps to setting this up can be found here – http://blog.powerbiz.net.au/hyperv/hyper-v-replica-for-small-business/