We are going to register SAN certificate with Entrust which we will issue to our Exchange 2007 CAS Server. we have registered a domain e.g. domain.com on internet. But internally we use a different domain for AD and Exchange e.g. xyz.com. we have generated the SAN request and sent to Entrust, they are saying that you can't put xyz.com on the SAN certificate becuase it's not registered on your name. I have added all domain names during certificate file generation :
new-exchangecertificate -generaterequest -subjectname "c=india,o=ABC Corp,CN=webmail.domain.com" -domainname webmail.domain.com,autodiscover.domain.com,cas01.xyz.com,cas01 -Friendlyname "ABC Mail Certificate" -path c:\certreq.txt -privatekeyexportable:$true
now the request file has xyz.com entry (internal domain name used in AD). so my question is if i remove xyz.com entries then will my certificate have any problems (internal network or external network) while working on mails e.g. RPC, OWA or Outlook within LAN.