
OWA (Exchange 2003) Certificate Question

Hi,

We have two OWA servers; there is no NLB. For now we use NAT and a firewall rule to switch between them if something happens with one of the servers.

We have a certificate on OWA1 that works fine. The certificate was issued to: webmail.domain.com. Could we use the same certificate on OWA2? Is there any way to export the certificate to the other OWA server? If not, what do we have to do to have OWA2 running with a certificate?

Thanks.
llarava

Raheem05 Commented:
If you have 2 servers, any reason why you don't want to go with a front end / backend Exchange solution?

There may be certain instances in which the SSL certificate must be moved from one server to another. An SSL certificate is bound to the server software and the common name. This will take place via an export and import process. Therefore, the certificate and its corresponding private key may be exported from the original server and imported into the target server as long as both servers run the same server software (i.e. Microsoft IIS to Microsoft IIS) and the target server will be hosting a site that matches the common name.

If multiple servers are being used, you will need to purchase 1 license for every server being secured.

Instructions:

https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR214

Raheem05 Commented:
Of course, if you are using the second server as a DR server then the front end / backend is out of the window. In simple terms, yes, follow the above procedure the common name unless the certificate is tied to a specific hostname.

http://searchexchange.techtarget.com/tip/0,289483,sid43_gci1176189_mem1,00.html

Hope this helps. Any questions, shout.

llarava (Author) Commented:
Raheem05,

You got it. This is the type of scenario we are running here. Export/Import did the trick since the certificate is not tied to the server hostname; instead we are using the CNAME "webmail.domain.com", which will be the one that the external DNS server will resolve to the OWA server that is active at that point in time.

One more question: if we decided to set up NLB, what would be the case with the certificate?

Raheem05 Commented:
llarava,

It will work fine because it's bound by the common name. I would just check the certificate to make sure it does not violate the terms and conditions of the original purchase (check with the company you purchased the SSL from to make sure it can be used on more than 1 server at any time). Just thought you should be aware, but in a nutshell it will work fine :)

llarava (Author) Commented:
thanks
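
A check for the outcome discussed in this thread, added here as an example and not posted by any participant: after the export/import, every node behind the NAT rule (or a later NLB) should present the same certificate, and that certificate should cover the public name. The function names, the `OWA3` node and `owa3.internal.local` are assumptions made for illustration; the certificate dicts use the shape returned by Python's `ssl.getpeercert()`.

```python
import hashlib

def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(der).hexdigest()

def cert_names(cert: dict) -> list:
    """DNS names a certificate covers, from an ssl.getpeercert()-style dict.
    subjectAltName DNS entries win; the subject CN is used only without them."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def name_matches(pattern: str, host: str) -> bool:
    """Case-insensitive match; '*' is accepted only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def audit(public_name: str, nodes: dict) -> list:
    """nodes maps node label -> (cert dict, DER bytes). Returns findings;
    an empty list means all nodes present one certificate covering public_name."""
    findings = []
    prints = {label: fingerprint(der) for label, (_, der) in nodes.items()}
    if len(set(prints.values())) > 1:
        findings.append("nodes present different certificates: " + ", ".join(
            f"{label}={fp[:16]}" for label, fp in sorted(prints.items())))
    for label, (cert, _) in sorted(nodes.items()):
        names = cert_names(cert)
        if not any(name_matches(n, public_name) for n in names):
            findings.append(f"{label}: names {names} do not cover {public_name}")
    return findings

# Constructed sample data (not real certificates). OWA1 and OWA2 hold the
# exported/imported certificate; hypothetical OWA3 still has one for its own hostname.
SHARED = ({"subject": ((("commonName", "webmail.domain.com"),),)}, b"constructed-der-shared")
OWN = ({"subject": ((("commonName", "owa3.internal.local"),),)}, b"constructed-der-own")

if __name__ == "__main__":
    print(audit("webmail.domain.com", {"OWA1": SHARED, "OWA2": SHARED}))
    print(audit("webmail.domain.com", {"OWA1": SHARED, "OWA3": OWN}))
```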
