Solved

Subject Alternative Names

Posted on 2009-05-18
5
339 Views
Last Modified: 2012-11-27
I am still in my testing phase for exchange 2007 and now i am at the SSL part of it and not sure what names i need to register. Here is where i am at with that.

Purchased cheap Multiple Domain UCC from https://certificatesforexchange.com/ for $60

What i want to do is Autodiscover, External OWA, Internal OWA,  Mobile Phones, i think that is it.

External DNS = mail.domain.com
                             exchange.domain.com
                             autodiscover.domain.com

Internal Domain = testdc.testdomain.local   <--domain controller
                                  testserv.testdomain.local  <-- exchange server

Thanks for any help.
0
Comment
Question by:AnthonyJK
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 3

Assisted Solution

by:Cameron_S
Cameron_S earned 100 total points
ID: 24416513
Your list looks fine. You may want to include: mobile.domain.com just for kicks for mobile users, but not really necessarily.

Otherwise, so long as you have mail, exchange, and autodiscover.domain.com you should be all set. Make sure your internal server name is specified as well as listed in your Internal Domain list.

Article on SAN names: https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1144
0
 
LVL 65

Accepted Solution

by:
Mestha earned 400 total points
ID: 24417780
You don't need the domain controller in the list.

All you need is

host.example.com (which is OWA, MX record, Windows Mobile etc)
autodiscover.example.com
server.domain.local (server's FQDN inside your network)
server (server's NETBIOS name)

Nothing else.

Simon.
0
 

Author Comment

by:AnthonyJK
ID: 24417932
Thanks for the reply's. Exactly what i was looking for.

Do you think i can use the following tool (Wizard) even though i did not buy a cert from them? I found it through another post.

https://www.digicert.com/easy-csr/exchange2007.htm

Thanks again
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 400 total points
ID: 24419715
Most articles point to that page to generate the PowerShell command.
Mine included: http://blog.sembee.co.uk/archive/2008/05/30/78.aspx

Simon.
0
 

Author Closing Comment

by:AnthonyJK
ID: 31582773
Thanks again....Good articles as well.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question