Changing current SSL Key in Exchange 2003

Posted on 2006-05-26
Last Modified: 2010-03-06

We've got OWA running with a purchased SSL certification on a single box with a ISA 2000 firewall. Everything is working fine. But I will need to change the OWA site domain (due to a company merger). Two questions

1) When I request a new certificate will the existing one still work (Before the domain is changed). In other words when I make the request on exchange box in IIS, will it effect the current certification, installed site since the box is still live?

2) Is it possible to run the new and old site simultaneously? I.e. can a site have two SSL certifications, domains?

Any tips, help would be appreciated for this change over

thanks for your help
Question by:BHEIRE
    LVL 104

    Accepted Solution

    As it is a new domain, you are going to have to request a new certificate.
    That can be done one of two ways.
    1. Remove the existing certificate, then request the new certificate on that site.
    2. Create a new dummy site (it will need its own IP address and resolve correctly) for the new certificate name.
    Request the certificate and go through the process to install it.
    Once you have the new certificate, export it to a file. Do the same with the original certificate.
    Then remove both certificates and import one in to the other site - in effect swapping them around.
    Here is the clever bit... If you have a spare IP address, configure your external and internal DNS so that the old address points to the new web server you created above - and the new address points to the existing site for OWA.
    Then put a forward on to the new web site, so that it redirects the users to the new address.
    Setup a new virtual directory called Exchange in the new web site and point it at the root.

    The code is very simple...

    Copy this in to notepad and save as default.asp
    You don't need anything else.

    <% response.redirect "" %>

    (replacing with the FQDN on the certificate).


    Author Comment

    Thanks for your help!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Do email signature updates give you a headache?

    Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

    Suggested Solutions

    Title # Comments Views Activity
    Exchange 2016 DNS Round Robin vs NetScaler 5 43
    Exchange 2013 Migration 18 33
    Exchange Search Slow 17 33
    Install DB in EXCH2013 6 14
    Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
    To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now