Webmail certficate expired.

I have a exchange server running 2003 version.
Our current SSL certificate expired and we are going to renew it.
But  we wanted to change the URL now.
Current URL is webmail.companyname.com (external domain name - companyname.com)
wanted to change to webmail.cn.com (internal domain name - cn.com)

What steps involved before i go for renewal?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Do you own the internal name? If not then you will be unable to get a certificate for it.

As you are changing the URL, you cannot do a renewal.
You will need to remove the existing certificate, then create a new certificate.
Exchange doesn't care what the URL on the certificate is, so nothing has to be done there.
However if you are using RPC Over HTTPS or Exchange ActiveSync, then that will break until they are updated with the new certificate name.

gilbertinigoAuthor Commented:
Situation here is:
my internal domain is : internaldomain.com
my external domain is : externaldomain.com
Both are now registered in public and we own it.
Current webmail link is https://webmail.publicdomain.com which is our front end server with the public IP address using NAT.
When the cert for https://webmail.publicdomain.com expired, We applied for SAN cert so that we can use both https://webmail.publicdomain.com and https://webmail.internaldomain.com URL's.
When we access https://webmail.internaldomain.com in local LAN, it works fine.

What steps i need to follow if i want to access https://webmail.internaldomain.com from internet?
Do i need to assign another public IP address for this https://webmail.internaldomain.com?
Do I need to create another IIS site for this on the front end server?

If you have both domains in the SAN/UC certificate then you do not need either another IP address or another web site. Just create an entry in your public DNS (that is what the internet uses, so may be with your domain name registrar) for that host name and point it at the same IP address.
The whole point of having a SAN/UC certificate is so that you have multiple names all on the same IP address and site.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.