none
Pre-Migration to O365 (Exchange 2007 self signed cert to public cert ) RRS feed

  • Question

  • Hi Support, 

    I have client that ready to move to cloud, O365, 

    current Exchange server is 2007, but configured with self-signed cert, understand that in order to perform cutover migration, i have to get a public SSL cert to perform the migration.

    My questions is, 

    1. I need help to re-configure the self sign cert to public cert ( since the cert is just for migration purpose, which cert should i get) 

    2. assume that the self sign cert is not working, I should use the Public cert, should I treat it as a new cert configuration ? if so, should I remove the self sign cert first?

    3. Any steps by steps guide I can refer?

    Thanks

    Alfred

    Monday, June 13, 2016 4:14 AM

All replies

  • How do you plan to do this migration?  That's something we need to know before we can answer your questions.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Monday, June 13, 2016 8:15 AM
    Moderator
  • Hi Alfred,

    You can purchase certificate from third-party CA, and request certificate with appropriate SAN. Once it complete, you can enable relevant services for that certificate. It's similar with deploy a new certificate for Exchange, for your reference:
    https://technet.microsoft.com/en-us/library/bb125165(v=exchg.141).aspx

    Moreover, here're some article about migrate Exchange server to Office 365:
    https://blogs.technet.microsoft.com/canitpro/2013/11/19/step-by-step-migrating-from-exchange-2007-to-office-365/
    https://support.office.com/en-us/article/Perform-a-cutover-migration-of-email-to-Office-365-9496e93c-1e59-41a8-9bb3-6e8df0cd81b4

    Hope that helps.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Allen Wang
    TechNet Community Support

    Tuesday, June 14, 2016 9:28 AM
    Moderator
  • hi,

    1. I believe your exchange environment is only being used internally and OWA/AS/OA are not being used externally.

    2. Upgrade the Exchange servers to 2007 SP3.

    3. Configure outlook anywhere , therefore you compulsory need to get the 3rd part certificate installed on the Exchange server which is hosting the OA endpoint.

    4. rest all depends on your assessment and planning.


    Tuesday, June 14, 2016 9:54 AM
  • Hi Ed,

    Frankly, the migration from Exchange2007 to O365, I read through article , so far I haven't have chance to hands on. As for this case, I'm pretty sure the migration will be the cutover migration

    What I planned to do in in 2 phases

    Phase1

    Understand that in order to make the migration works, I require a public SSL cert, which I have to purchase the Public SSL cert and replace the self signed cert ( I'm not quire confident on doing this)

    I'm afraid of buy the wrong cert and input the wrong incoming and outgoing FQDN

    Phase 2

     assume the outlook anywhere is working fine with public cert

    1. Gather client domain hosting credential ( for switching the MX records)

    2. Advice users to archive the user's mailboxes to as minimum as possible to shorten the migration time

    3. provision O365 account and create user batch files to prepare for the migration ( require to ensure the connection is okay)  

    4. Schedule weekday or weekend to cutoff by switching the MX records.

    5. Configure user's outlook and test send/receive email

    6. Install AAD for password sync

    how it is? Need your expertise advice to make sure the migration is done without any huge trouble.

    what I concern is , I'm not sure h

    Thanks

    Alfred

    ow long it will take for the users email migrate to O365

    Wednesday, June 15, 2016 11:16 AM
  • Hi Allen,

    should I remove the self signed cert in user's exchange or I should totally ignore it and create a new cert ?

    Thanks
    Alfred

    Wednesday, June 15, 2016 11:18 AM
  • Hi Magu

    User did access from external through owa by using Self signed cert.

    THanks

    Alfred

    Wednesday, June 15, 2016 11:19 AM