none
Hybrid Office 365 Exchange server ceritificate RRS feed

  • Question

  • Hi,

    We are in process of building hybrid Exchange servers 2016 for office 365 migration. Can anyone please let me know

    1. the public certificate we will be using, will only need to be in Hybrid servers or those need to be put into on premise Exchange servers hosting mailboxes too?

    2. I understand the hybrid Exchange servers will need to be natted to a public IP address and a public FQDN to be provided as well. What name should be given. Would it need to match with already Existing Exchange on premise public FQDN?

    3. Virtual directories in Hybrid (EWS, EAS, ECP) external name should be that public FQDN, internal names should be kept as server internal name only? 


    Regards BM

    Friday, November 15, 2019 12:37 PM

Answers

  • Hi,

    We are in process of building hybrid Exchange servers 2016 for office 365 migration. Can anyone please let me know

    1. the public certificate we will be using, will only need to be in Hybrid servers or those need to be put into on premise Exchange servers hosting mailboxes too?

    2. I understand the hybrid Exchange servers will need to be natted to a public IP address and a public FQDN to be provided as well. What name should be given. Would it need to match with already Existing Exchange on premise public FQDN?

    3. Virtual directories in Hybrid (EWS, EAS, ECP) external name should be that public FQDN, internal names should be kept as server internal name only? 


    Regards BM

    1. Just the "Hybrid" servers. Ensure port 25 and 443 are open between you and Office 365.

    2. It should match a subject name on the cert you are using and be in external DNS pointing to your hybrid servers.

    3. Best practices are that the internal and names match, but if not, use the external FQDNS

    • Marked as answer by GoodResource Saturday, November 16, 2019 7:30 AM
    Friday, November 15, 2019 1:51 PM
    Moderator

All replies

  • Hello,

    1/only EWS is targeted, then only CAS (with external acces).

    2/yes, but the best is behind reverse proxy. the only need is that name must be cover by certificate name.

    then, the name will probably match your external naming.

    3/dont change internal name, this is not needed.

    Olivier.

    Friday, November 15, 2019 1:23 PM
  • Hi,

    We are in process of building hybrid Exchange servers 2016 for office 365 migration. Can anyone please let me know

    1. the public certificate we will be using, will only need to be in Hybrid servers or those need to be put into on premise Exchange servers hosting mailboxes too?

    2. I understand the hybrid Exchange servers will need to be natted to a public IP address and a public FQDN to be provided as well. What name should be given. Would it need to match with already Existing Exchange on premise public FQDN?

    3. Virtual directories in Hybrid (EWS, EAS, ECP) external name should be that public FQDN, internal names should be kept as server internal name only? 


    Regards BM

    1. Just the "Hybrid" servers. Ensure port 25 and 443 are open between you and Office 365.

    2. It should match a subject name on the cert you are using and be in external DNS pointing to your hybrid servers.

    3. Best practices are that the internal and names match, but if not, use the external FQDNS

    • Marked as answer by GoodResource Saturday, November 16, 2019 7:30 AM
    Friday, November 15, 2019 1:51 PM
    Moderator