locked
Exchange 2010 SSL Certificate RRS feed

  • Question

  • Hi All, I have a POC lab which have Exchange 2010 SP2 (multiserver roles) installed. I am using a 30 day trial SSL certificate from RapidSSL which will  expire soon. That certificate only allows to have one CN (mail.mycompany.com). My query is:

    1. I am planning to renew the existing exchange certificate but not with RapidSSL. Is it possible to renew an existing certificate obtained from  one public CA with another CA meaning I  generate the CSR by renewing the existing certificate from Exchange EMC and sending that CSR to another CA from whom I am interested to buy the SSL now?

    2. If the answer is "no", the option is to create a new  CSR using the same old CN and send it to the new CA for processing. Please correct me if I am wrong. I have not tested yet, but I am not sure if I  can use the same old CN/SANs with another public CA (as those CN is alreday issued by RapidSSL)

    Regards,

    Imrul Emon

     

    Saturday, March 31, 2012 4:25 AM

Answers

  • Hi Imrul

    1. You should generate a new CSR with the alternate names you need for Exchange e.g. autodiscover

    2. You can have different certificates from different CAs that refer to the same domain names.

    Cheers, Steve

    Saturday, March 31, 2012 9:16 AM

All replies

  • Hi Imrul

    1. You should generate a new CSR with the alternate names you need for Exchange e.g. autodiscover

    2. You can have different certificates from different CAs that refer to the same domain names.

    Cheers, Steve

    Saturday, March 31, 2012 9:16 AM
  • Hi Steve,

    Thanks. So, I can have the same CN (mail.mycompany.com,autodiscover.mycompany.com etc) in my new CSR even if I was having the same  names with my earlier CA.

    Regards,

    Imrul Emon

    Sunday, April 1, 2012 2:00 AM