OWA (Exchange 2003) Certificate Question
Hi,
We have to OWA servers there is no NLB. For now we use NAT and a firewall rule two switch between them if something happens with one of the servers.
We have a certificate in OWA1 that works fine. The certificate it was issued to: webmail.domain.com. Could we use the same certificate on OWA2? Is there anyway to export the certificate to the other OWA server? If not what do we have to do to have OWA2 running with a certificate?
Thanks.
We have to OWA servers there is no NLB. For now we use NAT and a firewall rule two switch between them if something happens with one of the servers.
We have a certificate in OWA1 that works fine. The certificate it was issued to: webmail.domain.com. Could we use the same certificate on OWA2? Is there anyway to export the certificate to the other OWA server? If not what do we have to do to have OWA2 running with a certificate?
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Raheem05,
You got it. This is the tpye of scenario we are running here. Export/Import did the trick since the certificate is not tied up to the server hostname instead we are used the cname "webmail.domain.com" which will be the one that the external DNS server will resolve into the OWA server that is the one active at that point in time.
One more question if we decided to setup NLB what would be the case with the certificate?
You got it. This is the tpye of scenario we are running here. Export/Import did the trick since the certificate is not tied up to the server hostname instead we are used the cname "webmail.domain.com" which will be the one that the external DNS server will resolve into the OWA server that is the one active at that point in time.
One more question if we decided to setup NLB what would be the case with the certificate?
llarava,
It will work fine because its bound by the common name I would just check the certificate to make sure it does not violite terms and conditions of the original purchase (the company you purchased the SSL to make sure it can be used on more then 1 server at any time) just thought you should be aware but in a nutshell it will work fine :)
It will work fine because its bound by the common name I would just check the certificate to make sure it does not violite terms and conditions of the original purchase (the company you purchased the SSL to make sure it can be used on more then 1 server at any time) just thought you should be aware but in a nutshell it will work fine :)
ASKER
thanks
There may be certain instances in which the SSL certificate must be moved from one server to another. A SSL certificate is bound to the server software and the common name. This will take place via an export and import process. Therefore, the certificate and its corresponding private key may be exported from the original server and imported into the target server as long as both servers run the same server software (i.e. Microsoft IIS to Microsoft IIS) and the target server will be hosting a site that matches the common name.
If multiple servers are being used, you will need to purchase 1 license for every server being secured
Instructions:
https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR214