none
Exchange 2010 SSL & SAN Certificate RRS feed

  • Question

  • We are migrating from Exchange 2007 to Exchange 2010.

    We are in the process of setting up SSL & SAN certificate for our new exchange 2010 server. The current details of the servers are:

    1. CAS01.domain.local
    2. MB01.domain.local
    3. MB02.domain.local

    The services that we need to enforce:

    1.OWA
    2.Exchange Web Services
    3.Outlook Anywhere

    My understanding is the above will cover POP3, SMTP, RPC. If not, kindly advise.

    our OWA link is webmail.domain.com & mail.domain.com

    While generating the SAN & SSL certificate, kindly help me understand what all must i include in this.

    Please advise what I must include in the SAN & SSL certificate of my exchange server based on the above information. And do we need to install this on the CAS.

    We will be using DAG.

    Thank You & Kind Regards

    Philip

    Sunday, November 18, 2012 8:26 AM

Answers

  • Typically your SAN should always include:

    • autodiscover.domain.com
    • CAS array internal name (you should create a CAS array even if you only have 1 CAS)
    • OWA/ECP/WebService external name, e.g. webmail.domain.com
    • Outlook Anywhere host name, e.g. mail.domain.com (this is commonly same as OWA host name)


    Sunday, November 18, 2012 10:44 AM