What certificate to use on SBS 2008 (remote and exchange)

Posted on 2009-12-23
Medium Priority
Last Modified: 2012-05-08
Hi, what certificate do i need to use on a SBS 2008 server (Exchange 2007)? My certificate provider told me that i must have a UCC certificate if i want mobile phone to work perfectly, but if i use the certificate wizard in the SBS Console then its for only remote.<mydomain>.no, a UCC certificate could have more than one host and domain name, but in the SBS Console web setings both remote and exchange/owa use https://remote.<mydomain>.no, could i then use a standard certificate that only cost 1/3 of a UCC certificate?

Question by:cral
  • 2
LVL 65

Expert Comment

ID: 26116504
The certificate wizard in SBS 2008 makes some presumptions. The main one being that your external DNS provider (who hosts your domain name on the Internet) supports SRV records.

Many do not.

For full functionality, including Outlook Anywhere and Exchange ActiveSync support you either need to have an SRV record enabled domain or use a UCC certificate.

Personally I am treating the SSL certificate the same as I do for full product installations, and using remote.example.com as the common name for everything, including the MX record host name. Certificates come from GoDaddy and I use the instructions on my blog:


Author Comment

ID: 26118303
I can add SRV as a record on my external DNS provider, do that mean that i could use a standard sertificate to point at remote.example.com and thats it for owa, activesync remote etc? Do i have to open more ports, today its HTTPS and 987 (internal local web).
LVL 65

Accepted Solution

Mestha earned 1000 total points
ID: 26118666
You have created the SRV records as per this KB article?

You only need port 443 for SSL support and then 25 for inbound SMTP. If you use the wizard it should change all of the references in Exchange for you.


Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question