Hybrid Exchange server certificate query for Office 365 RRS feed

  • Question

  • Hi,

    We are building our hybrid Exchange servers for Office 365 migration. In our on premise Exchange, we have multiple child domains as accepted domain where mail route occurs. So we have multiple domains like,,,,, etc. So in this way, we can't have one wild card certificate since multiple domains are there. We either can have one certificate with manually entered all the entries as subject alternate names. Or maybe multiple certificates, but as i understand multiple certificates are not best practice and we cannot bind IIS, SMTP services to multiple certificates. Please let me know if that is true. Or if there's any other solution?

    Also another query, if we have edge servers in place, do i need to add edge public endpoint added to the SAN of hybrid certificate too? Will my certificate look like below:

    Common Name:


    Regards BM

    Saturday, November 16, 2019 7:41 AM


  • Thanks is there anyway i can have a san certificate where common name will be like

    and subject alternate name will be wild card? like *, *, *

    Regards BM


    Based on my testing, father and child domain could use different certificate for IIS. You can also add all those domains into one certificate. If you want to use this certificate for Edge, you will need to add Edge record into it.

    About whether could create a SAN certificate then add * into it, you may need to confirm with your certificate provider.


    Kyle Xu

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact

    Monday, November 18, 2019 6:10 AM

All replies