locked
SAN Certificate Exchange 2007 RRS feed

  • Question

  • Hello,

    I will need to renew my SAN certificate  (multiple host name): mail.company.com and mail.company1.com.

    The person in charge of renewing the certificate with our provider wants to use *.company.com and *.company1.com. I do not know whether it is possible and what needs to be done.

    Moreover, most of the outlook anywhere on outlook 2007 are configured with mail.company1.com.

    Could you please tell me if it is possible and what needs to be changed on my exchange servers, client side and maybe fireway configuration?

    Many thanks,

    Graig

     

    Monday, January 23, 2012 2:37 PM

Answers

  • It should work without changes, you should import new certificate for *.company1.com on CAS server and assign it to IIS service
    Regards, Konrad Sagala, MCT, MCSE+M, MCITP: Exchange 2007/2010
    • Marked as answer by Terence Yu Tuesday, January 31, 2012 6:56 AM
    Monday, January 23, 2012 4:06 PM
  • Renew certificate is same as you create new certiifcate. Just enable new certificate and assign to exchange. Later on delete old certificate.

    http://technet.microsoft.com/en-us/library/ee332322.aspx

    http://exchangeserverpro.com/configure-an-ssl-certificate-for-exchange-server-2010


    Anil MCC 2011,ITIL V3,MCSA 2003,MCTS 2010, My Blog : http://messagingschool.wordpress.com
    • Marked as answer by Terence Yu Tuesday, January 31, 2012 6:57 AM
    Monday, January 23, 2012 4:36 PM
  • It doesn't metter in this situation - *.company1.com covers both mail.company1.com and autodiscover.company1.com, so if certificate is from trusted CA outlook will accept it.
    Regards, Konrad Sagala, MCT, MCSE+M, MCITP: Exchange 2007/2010
    • Marked as answer by Terence Yu Tuesday, January 31, 2012 6:57 AM
    Monday, January 23, 2012 10:52 PM

All replies

  • It should work without changes, you should import new certificate for *.company1.com on CAS server and assign it to IIS service
    Regards, Konrad Sagala, MCT, MCSE+M, MCITP: Exchange 2007/2010
    • Marked as answer by Terence Yu Tuesday, January 31, 2012 6:56 AM
    Monday, January 23, 2012 4:06 PM
  • Renew certificate is same as you create new certiifcate. Just enable new certificate and assign to exchange. Later on delete old certificate.

    http://technet.microsoft.com/en-us/library/ee332322.aspx

    http://exchangeserverpro.com/configure-an-ssl-certificate-for-exchange-server-2010


    Anil MCC 2011,ITIL V3,MCSA 2003,MCTS 2010, My Blog : http://messagingschool.wordpress.com
    • Marked as answer by Terence Yu Tuesday, January 31, 2012 6:57 AM
    Monday, January 23, 2012 4:36 PM
  • Thanks guys but what about the outlook anywhere configuration. The URl to connect to proxy server for Exchange will not be mail.company1.com anymore but will become *.company1.com.
    Does it mean that users will need to change that configuration on their outlook interface...
    Monday, January 23, 2012 6:51 PM
  • It doesn't metter in this situation - *.company1.com covers both mail.company1.com and autodiscover.company1.com, so if certificate is from trusted CA outlook will accept it.
    Regards, Konrad Sagala, MCT, MCSE+M, MCITP: Exchange 2007/2010
    • Marked as answer by Terence Yu Tuesday, January 31, 2012 6:57 AM
    Monday, January 23, 2012 10:52 PM