locked
Exchange certificate for .local domain RRS feed

  • Question

  • Hello

    We have an Exchange 2010 environment running on Windows 2008 R2.

    Our domainname ends on domain.local and that way I don't succeed in creating an official SSL certificate.

    Could somebody please tell me how I can configure a working certificate so that my users don't get a message that the certificate couldn't be verified?

    Thanks a lot!!

    Kind regards

    Geoffrey

    Monday, October 15, 2012 9:41 AM

Answers

  • I recommend that you implement split-brain DNS and use the external domain name for everything in Exchange.

    That is, create an internal DNS domain for domain.com; create entries corresponding to those in external DNS, using internal IP addresses as appropriate; and then change all InternalURLs and URIs to the external domain.  An added side benefit is that users won't have to remember different URLs internally versus externally.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Monday, October 15, 2012 6:23 PM

All replies

  • I recommend that you implement split-brain DNS and use the external domain name for everything in Exchange.

    That is, create an internal DNS domain for domain.com; create entries corresponding to those in external DNS, using internal IP addresses as appropriate; and then change all InternalURLs and URIs to the external domain.  An added side benefit is that users won't have to remember different URLs internally versus externally.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Monday, October 15, 2012 6:23 PM
  • Any updates on this issue?

    Thanks,

    Evan Liu

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tnmff@microsoft.com


    Evan Liu

    TechNet Community Support

    Wednesday, October 24, 2012 10:16 AM
    Moderator