Exchange 2010 and second SSL certificate RRS feed

  • Question

  • I've a working Exchange 2010 on Win 2008 R2, AD domain.net and can access all the exch services without problems. Now I need to change the main domain from domain.net to domain.ch, but want that both domains are usable with outlook. The UCC SSL certificate for domain.ch I allready bought. Can I simply install a second SSL certificate and let them work in parallel, what happens if I simply install the new certificate, overriding or adding? 
    Wednesday, December 22, 2010 9:41 AM


  • You will need to replace the existing certificate with one that contains the relevant entries for both names.
    While you can run two certificates on the same server, that doesn't apply to all services, such as IIS. Therefore things will not work as expected.

    Furthermore, most certificate providers will not allow two certificates to be activate for the same name at the same time, so the original certificate will have to be revoked first, then a new certificate issued. As this will cause SSL prompts on clients, the timing of the certificate request and change will be key to minimise the impact on the end users.


    Simon Butler, Exchange MVP
    Blog | Exchange Resources
    Wednesday, December 22, 2010 11:29 AM