asked on
Need SSL Clarification for Exchange 2007
Currently we are using a single name - self signed cert. This seems to be causing a problem for the replication from an Exchange 2003 server to Exchange 2007. (We plan to completely decommission the 2003 server once the replication is complete). When we go to move the replicas for the Public Folders from old server to new server, we receive an error stating the SSL certificate server name is incorrect. (ID no: C103b404 Exchange System Manager)
If I am looking in the event viewer, I find the following Information item in Application:
Event Type: Information
Event Source: MSExchangeTransport
Event Category: Routing Engine/Service
Event ID: 984
Date: 3/3/2009
Time: 8:04:21 AM
User: N/A
Computer: MAIL
Description:
SMTP GetNextHop returned hr=0x0 in 0ms.
DestAddr=<mail2.headquarte
MsgType=0x2, NextHopType=OTHER_INT_ROUT
Type=<SMTP>, Class=<*.B4C27D4F-6F9E-064
RouteAddr=<_53510491524737
Connector=<91045153-4752-4
I'm assuming that it does not like the FQDN on the cert. We set the cert to mail2.domain.com - and have this working for the OWA and ActiveSynce for our smartphones. (Really do not want to have to install a new cert for all smartphones). We are currently looking into getting a UCC, but we are at a loss as to how many domains that we need to cover. We have twelve SMTP domains that we currently utilize. So, do we need to have:
mail2
mail2.domain.com (what current cert is set at)
mail2.headquarters.domain.
autodiscover.domain.com
autodiscover.domain2.com
autodiscover.domain3.com
and so on - to domain 12?
Please advise! We are very new at this and at a loss.
Thanks!!
If I am looking in the event viewer, I find the following Information item in Application:
Event Type: Information
Event Source: MSExchangeTransport
Event Category: Routing Engine/Service
Event ID: 984
Date: 3/3/2009
Time: 8:04:21 AM
User: N/A
Computer: MAIL
Description:
SMTP GetNextHop returned hr=0x0 in 0ms.
DestAddr=<mail2.headquarte
MsgType=0x2, NextHopType=OTHER_INT_ROUT
Type=<SMTP>, Class=<*.B4C27D4F-6F9E-064
RouteAddr=<_53510491524737
Connector=<91045153-4752-4
I'm assuming that it does not like the FQDN on the cert. We set the cert to mail2.domain.com - and have this working for the OWA and ActiveSynce for our smartphones. (Really do not want to have to install a new cert for all smartphones). We are currently looking into getting a UCC, but we are at a loss as to how many domains that we need to cover. We have twelve SMTP domains that we currently utilize. So, do we need to have:
mail2
mail2.domain.com (what current cert is set at)
mail2.headquarters.domain.
autodiscover.domain.com
autodiscover.domain2.com
autodiscover.domain3.com
and so on - to domain 12?
Please advise! We are very new at this and at a loss.
Thanks!!
ExchangeSSL / HTTPS
Last Comment
Mestha