Solved

Webmail certficate expired.

Posted on 2009-07-06
4
294 Views
Last Modified: 2012-05-07
I have a exchange server running 2003 version.
Our current SSL certificate expired and we are going to renew it.
But  we wanted to change the URL now.
Current URL is webmail.companyname.com (external domain name - companyname.com)
wanted to change to webmail.cn.com (internal domain name - cn.com)

What steps involved before i go for renewal?
0
Comment
Question by:gilbertinigo
  • 2
4 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24785295
Do you own the internal name? If not then you will be unable to get a certificate for it.

As you are changing the URL, you cannot do a renewal.
You will need to remove the existing certificate, then create a new certificate.
Exchange doesn't care what the URL on the certificate is, so nothing has to be done there.
However if you are using RPC Over HTTPS or Exchange ActiveSync, then that will break until they are updated with the new certificate name.

Simon.
0
 

Author Comment

by:gilbertinigo
ID: 24823086
Situation here is:
my internal domain is : internaldomain.com
my external domain is : externaldomain.com
Both are now registered in public and we own it.
Current webmail link is https://webmail.publicdomain.com which is our front end server with the public IP address using NAT.
When the cert for https://webmail.publicdomain.com expired, We applied for SAN cert so that we can use both https://webmail.publicdomain.com and https://webmail.internaldomain.com URL's.
When we access https://webmail.internaldomain.com in local LAN, it works fine.

What steps i need to follow if i want to access https://webmail.internaldomain.com from internet?
Do i need to assign another public IP address for this https://webmail.internaldomain.com?
Do I need to create another IIS site for this on the front end server?



0
 
LVL 65

Accepted Solution

by:
Mestha earned 250 total points
ID: 24823611
If you have both domains in the SAN/UC certificate then you do not need either another IP address or another web site. Just create an entry in your public DNS (that is what the internet uses, so may be with your domain name registrar) for that host name and point it at the same IP address.
The whole point of having a SAN/UC certificate is so that you have multiple names all on the same IP address and site.

Simon.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now