troubleshooting Question

SSL Certificate for Exchange 2007 CAS NLB Cluster

Avatar of YourElement
YourElement asked on
Exchange
4 Comments1 Solution2891 ViewsLast Modified:
We need to acquire an SSL certificate for our new Windows Network Load Balanced (NLB)/ Client Access Server pair (CAS) Exchange 2007 environment.

Here is the current configuration:
 
NLB Name:         NLB.domain.corp
CAS Node1:        HT-CA1.domain.corp      
CAS Node2:        HT-CA2.domain.corp
 
Public OWA address:
            https://Mail.domain.com/owa
 
I am not concerned with having users connect to OWA with the server name or with the local NBL name.  Also, we don't use Outlook anywhere therefore I do not expect to need a SAN or wildcard cert.

Is this correct?  What do I need to give verisign to get an ssl cert for the public owa site?


1.  Run this command from Exchange Management Shell and give req file to Cert company:

New-Exchangecertificate -domainname mail.company.com -Friendlyname OWAComapny -generaterequest:$true -keysize 1024
-path c:\certrequest.req -privatekeyexportable:$true subjectname "c=Com, o=Company, CN=mail"

2.  import cert via shell:
Import-ExchangeCertificate Path c:\certnew.p7b

3.  confirm import
Get-ExchangeCertificate -Thumbprint <thumbprint> | FL

4.  Enable New Cert
Enable-ExchangeCertificate Thumbprint <thumbprint> -Services IIS, POP, IMAP
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 4 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 4 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros