Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Changing current SSL Key in Exchange 2003

Posted on 2006-05-26
Medium Priority
Last Modified: 2010-03-06

We've got OWA running with a purchased SSL certification on a single box with a ISA 2000 firewall. Everything is working fine. But I will need to change the OWA site domain (due to a company merger). Two questions

1) When I request a new certificate will the existing one still work (Before the domain is changed). In other words when I make the request on exchange box in IIS, will it effect the current certification, installed site since the box is still live?

2) Is it possible to run the new and old site simultaneously? I.e. can a site have two SSL certifications, domains?

Any tips, help would be appreciated for this change over

thanks for your help
Question by:BHEIRE
LVL 104

Accepted Solution

Sembee earned 1000 total points
ID: 16777256
As it is a new domain, you are going to have to request a new certificate.
That can be done one of two ways.
1. Remove the existing certificate, then request the new certificate on that site.
2. Create a new dummy site (it will need its own IP address and resolve correctly) for the new certificate name.
Request the certificate and go through the process to install it.
Once you have the new certificate, export it to a file. Do the same with the original certificate.
Then remove both certificates and import one in to the other site - in effect swapping them around.
Here is the clever bit... If you have a spare IP address, configure your external and internal DNS so that the old address points to the new web server you created above - and the new address points to the existing site for OWA.
Then put a forward on to the new web site, so that it redirects the users to the new address.
Setup a new virtual directory called Exchange in the new web site and point it at the root.

The code is very simple...

Copy this in to notepad and save as default.asp
You don't need anything else.

<% response.redirect "https://mail.domain.com/exchange" %>

(replacing mail.domain.com with the FQDN on the certificate).


Author Comment

ID: 16788399
Thanks for your help!

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There can be many situations demanding the conversion of Outlook OST files to PST format and as such, there is no shortage of automated tools to perform this conversion. However, what makes Stellar OST to PST converter stand above the rest? Let us e…
In my humble opinion (IMHO), TouchDown from Symantec is the best in class for this type of application, but Symantec has end-of-lifed it and although one can keep using it, it will no longer be supported or upgraded.  Time to look for alternatives t…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Suggested Courses
Course of the Month11 days, 18 hours left to enroll

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question