We need to acquire an SSL certificate for our new Windows Network Load Balanced (NLB)/ Client Access Server pair (CAS) Exchange 2007 environment.
Here is the current configuration:
NLB Name: NLB.domain.corp
CAS Node1: HT-CA1.domain.corp
CAS Node2: HT-CA2.domain.corp
Public OWA address:
I am not concerned with having users connect to OWA with the server name or with the local NBL name. Also, we don't use Outlook anywhere therefore I do not expect to need a SAN or wildcard cert.
Is this correct? What do I need to give verisign to get an ssl cert for the public owa site?
1. Run this command from Exchange Management Shell and give req file to Cert company:
New-Exchangecertificate -domainname mail.company.com -Friendlyname OWAComapny -generaterequest:$true -keysize 1024
-path c:\certrequest.req -privatekeyexportable:$true subjectname "c=Com, o=Company, CN=mail"
2. import cert via shell:
Import-ExchangeCertificate Path c:\certnew.p7b
3. confirm import
Get-ExchangeCertificate -Thumbprint <thumbprint> | FL
4. Enable New Cert
Enable-ExchangeCertificate Thumbprint <thumbprint> -Services IIS, POP, IMAP