Exchange 2010 SSL & SAN Certificate RRS feed

  • Question

  • We are migrating from Exchange 2007 to Exchange 2010.

    We are in the process of setting up SSL & SAN certificate for our new exchange 2010 server. The current details of the servers are:

    1. CAS01.domain.local
    2. MB01.domain.local
    3. MB02.domain.local

    The services that we need to enforce:

    2.Exchange Web Services
    3.Outlook Anywhere

    My understanding is the above will cover POP3, SMTP, RPC. If not, kindly advise.

    our OWA link is &

    While generating the SAN & SSL certificate, kindly help me understand what all must i include in this.

    Please advise what I must include in the SAN & SSL certificate of my exchange server based on the above information. And do we need to install this on the CAS.

    We will be using DAG.

    Thank You & Kind Regards


    Sunday, November 18, 2012 8:26 AM


  • Typically your SAN should always include:

    • CAS array internal name (you should create a CAS array even if you only have 1 CAS)
    • OWA/ECP/WebService external name, e.g.
    • Outlook Anywhere host name, e.g. (this is commonly same as OWA host name)

    Sunday, November 18, 2012 10:44 AM