How do I create an Exchange SSL certificate for both the public and local FQDNs?
Posted on 2008-10-24
I have a recently installed Exchange 2007 server running SP1 on a 2008 server 64-bit box. I am not the SSL expert, but I purchased a certificate from "instantssl" and got it working for all of my external stuff (OWA and mobile devices via ActiveSync). My problem is that everything internally gets a certificate mismatch error. The problem is the difference between my local FQDN and my public FQDN. For external OWA and mobile devices, they connect to "onename.publicdomain.com". This is the name that I purchased my SSL certificate for. So everything outside works great. However, inside the organization, OWA and Outlook clients connect to othername.localdomain.com. Notice that not only are the hostnames different, but so are the domain names. I have set up an A record in my internal DNS to redirect my public FQDN to my inside server IP address, but I still get a name mismatch error.
So my question is, is there a way to get a certificate issued for both the public and local FQDN? If not, I know I can create a local certificate, but how can I apply them both to Exchange? I'm also new to Exchange 07. It seems that through the management shell, you can only apply one certificate thumbprint to Exchange (IIS, IMAP, and POP). Any ideas, oh knowledgeable community?