Solved

PDA Cert - multiple Domains

Posted on 2009-07-16
6
212 Views
Last Modified: 2012-05-07
Folks,

I think I had been down this road earlier - but now have a new twist.

We have our sister company that needs a certificate for its Exchange 2007 server -
It looks to be only running the exchange generated certificate.

These are the suggested names we are looking at.,

Not sure if I am close in the naming -

This is the new "existing"  server......without a 3rd party cert.

Pda.cccc.com
Vpn.cccc.com
Pda.cccc.com/owa
srvemail001.cccc.acme.com
srvemail001
srvemail001.cccc.acme.local
autodiscover.cccc.acme.com
autodiscover.acme.com <<<<<<<<?????


This is our existing server at Acme.com
rsrvemail001.acme.com
rvemail001
owa-us.acme.com
rvemail001.acme.local
autodiscover.acme.com


I also have a server in the EU -

vemail001.acme.com
vemail001
owa-eu.acme.com
vemail001.acme.local
autodiscover.acme.com

I thought  the existing 2007 box had a 3rd party cert - I was wrong and need to correct this.

Any suggestions.

Thanks.

-Johnny
0
Comment
Question by:Synarc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24873689
The only names the certificate needs is

mail.example.com (the preferred common name for OWA, ActiveSync etc)
autodiscover.example.com (where example.com is the domain in the user's email addresses)
server (the server's NETBIOS name).
server.example.local (the server's real INTERNAL FQDN)

If you are supported additional SMTP addresses then you need to have autodiscover.domain2.com in there as well.

You do not have to add in server.example.com unless that is what the server's FQDN is inside (ie because your WINDOWS domain is called example.com).

/ anything is not valid for an SSL certificate, so the line above with /owa isn't correct.

Simon.

0
 

Author Comment

by:Synarc
ID: 24900659
Mestha  -
 
Thanks for the info - if we want to make sure we are covered for all scenarios... it would be best to have the following sub-domains and names in th certificate - we are still building out some portions of the network and are not sure how or when things may change - we don't want to keep changing certs.
Any thoughts?
 
srvemail001.cccc.acme.com (FQDN)
srvemail001  (netbios)
Pda.cccc.com
owa .cccc.com
srvemail001.cccc.acme.local
mail.cccc.com
mail.cccc.acme.com
mail.acme.com
 
autodiscover.cccc.acme.com
autodiscover.acme.com  
Thanks.
 
-Johnny
0
 

Author Comment

by:Synarc
ID: 24900665
It looks like i forgot an autodiscover:
 

srvemail001.cccc.acme.com (FQDN)
srvemail001  (netbios)
Pda.cccc.com
owa .cccc.com
srvemail001.cccc.acme.local
mail.cccc.com
mail.cccc.acme.com
mail.acme.com

autodiscover.cccc.acme.com
autodiscover.acme.com
autodiscover.cccc.com
0
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
ID: 24902999
Are you going to have users with email address of cccc.acme.com ? If not then you are simply wasting money. Most certificate providers charge more for the additional names, some on a per name basis, some in blocks of 5.
Personally I wouldn't bother with either pda or owa variants and just tell everyone to use mail.domain.com.

Simon.
0
 

Author Comment

by:Synarc
ID: 24906965
Thanks Simon - it is a sister company  - and we are just trying to cover all the bases on it because we are unsure of what the final domain naming convention will be in the future.
 
-Johnny
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question