Solved

Webmail certficate expired.

Posted on 2009-07-06
4
292 Views
Last Modified: 2012-05-07
I have a exchange server running 2003 version.
Our current SSL certificate expired and we are going to renew it.
But  we wanted to change the URL now.
Current URL is webmail.companyname.com (external domain name - companyname.com)
wanted to change to webmail.cn.com (internal domain name - cn.com)

What steps involved before i go for renewal?
0
Comment
Question by:gilbertinigo
  • 2
4 Comments
 
LVL 65

Expert Comment

by:Mestha
Comment Utility
Do you own the internal name? If not then you will be unable to get a certificate for it.

As you are changing the URL, you cannot do a renewal.
You will need to remove the existing certificate, then create a new certificate.
Exchange doesn't care what the URL on the certificate is, so nothing has to be done there.
However if you are using RPC Over HTTPS or Exchange ActiveSync, then that will break until they are updated with the new certificate name.

Simon.
0
 

Author Comment

by:gilbertinigo
Comment Utility
Situation here is:
my internal domain is : internaldomain.com
my external domain is : externaldomain.com
Both are now registered in public and we own it.
Current webmail link is https://webmail.publicdomain.com which is our front end server with the public IP address using NAT.
When the cert for https://webmail.publicdomain.com expired, We applied for SAN cert so that we can use both https://webmail.publicdomain.com and https://webmail.internaldomain.com URL's.
When we access https://webmail.internaldomain.com in local LAN, it works fine.

What steps i need to follow if i want to access https://webmail.internaldomain.com from internet?
Do i need to assign another public IP address for this https://webmail.internaldomain.com?
Do I need to create another IIS site for this on the front end server?



0
 
LVL 65

Accepted Solution

by:
Mestha earned 250 total points
Comment Utility
If you have both domains in the SAN/UC certificate then you do not need either another IP address or another web site. Just create an entry in your public DNS (that is what the internet uses, so may be with your domain name registrar) for that host name and point it at the same IP address.
The whole point of having a SAN/UC certificate is so that you have multiple names all on the same IP address and site.

Simon.
0

Featured Post

How does your email signature look on mobiles?

Do your employees use mobile devices to reply to emails? With mobile becoming increasingly important to the business world, it is in your best interest to make sure that your email signature looks great across all types of devices.

Join & Write a Comment

Suggested Solutions

Resolve DNS query failed errors for Exchange
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
how to add IIS SMTP to handle application/Scanner relays into office 365.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now