Answered: OWA wildcard certificate

  • April 15, 2012 1:55
     
     

    We've set up an Exchange 2010 server with a wildcard certificate (*.company.com) for OWA. It works perfectly fine when entering the FQDN in the browser; however, when using short names (https://server/owa) we get a mismatched name error. Is there any way around this, or would I need to get a cert that contains the short names as well as any FQDN that Exchange is configured with?

    Thanks!

All replies

  • April 15, 2012 3:46
     
     

    Hi,

    You have a certificate for *.domain.com; this means you need to use something like mail.domain.com or owa.domain.com to resolve OWA. You cannot use the host name in this case.


    Anil MCC 2011,ITIL V3,MCSA 2003,MCTS 2010, My Blog : http://messagingschool.wordpress.com

  • April 15, 2012 4:55
     
     
    Very simple... You need to add "server" as the SAN name in the certificate to get rid of this error...

    Exchange Queries

  • April 15, 2012 5:57
     
     
    I don't think you can add "server" as a SAN name to a wildcard certificate?
  • April 15, 2012 8:34
     
     
    You create a cert using internal PKI.
  • April 15, 2012 10:59
     
     Answered

    If you want to use the server's real name then you will need to deploy a Unified Communications (aka SAN) certificate. Wildcard certificates are not the same.

    Simon.


    Simon Butler, Exchange MVP

  • April 15, 2012 20:33
     
     Answered

    Hello,

    Since you are using a wildcard certificate for *.contoso.com, you will only be able to use it correctly with DNS names which end with contoso.com (like mail.contoso.com, www.contoso.com ...).

    Here, you want users to access the server using https://server/owa. For that, you can try to perform a redirection from https://server/owa to the wanted URL. Be careful with the certificate used for the https://server/owa URL, as it should contain the server name.

    Another option is to use a SAN certificate where you include all used names.

    And the final option is to tell users to use HTTP to connect to OWA with the URLs they are used to, and then you configure an HTTP redirection to your OWA site. That way, users will all be redirected to the correct OWA site and there will be no certificate issues.



  • April 16, 2012 9:49
    Moderator
     
     
    Hi N1ro,

    The replies above gave some good information; if you have any other points of confusion, please feel free to let us know.

    Regards!

    Gavin

    TechNet Community Support
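
The name-matching behaviour discussed in the replies above, as an added example that is not part of the original thread: a simplified RFC 6125-style check showing why `*.company.com` covers `mail.company.com` but not the short name `server`, while a SAN list that includes the short name does. The function names and the sample SAN list are assumptions made for illustration.

```python
# Added example (not from the thread): simplified TLS host name matching.
# Only the common "*.domain" wildcard form is handled; partial wildcards
# such as "f*.company.com" are treated as literal names.

def name_matches(pattern: str, host: str) -> bool:
    """Return True if one certificate DNS name covers the requested host."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        # A wildcard stands for exactly one label, so "server" (1 label)
        # and "a.b.company.com" (4 labels) can never match "*.company.com".
        return False
    if p_labels[0] == "*":
        # Wildcard is honoured only as the whole left-most label and only
        # when at least two further labels follow it.
        return len(p_labels) >= 3 and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def cert_covers(san_names, host: str) -> bool:
    """Return True if any subjectAltName DNS entry matches the host."""
    return any(name_matches(name, host) for name in san_names)


def check_urls(san_names, hosts):
    """Map each host a user might type to whether the certificate covers it."""
    return {host: cert_covers(san_names, host) for host in hosts}


# Constructed sample data mirroring the names used in the thread.
WILDCARD_CERT = ["*.company.com"]
SAN_CERT = ["mail.company.com", "server.company.com", "server"]  # assumed list
HOSTS = ["mail.company.com", "server.company.com", "server", "a.b.company.com"]

if __name__ == "__main__":
    for label, names in (("wildcard", WILDCARD_CERT), ("SAN", SAN_CERT)):
        for host, ok in check_urls(names, HOSTS).items():
            print(f"{label:8} https://{host}/owa -> {'match' if ok else 'name mismatch'}")
```

Publicly trusted CAs no longer issue certificates containing single-label names such as `server`, so the SAN list above corresponds to the internal-PKI suggestion in the thread.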