Certificates for Exchange 2003 to Exchange 2010 migration

I am doing a migration from exchange 2003 to exchange 2010.  I'm using the following article for "upgrade from exchange 2003 Client Access"
http://technet.microsoft.com/en-us/library/ee332348.aspx

My current exchange 2003 server OWA does not use SSL.  It is simply:  http://hostname.contoso.com\exchange

My URL for OWA on my exchange 2010 server is using SSL.  It has the following URL:
https://mail.contoso.com/owa  (I am using a CAS array for redundancy)

First of all I will have to purchase a certificate with the following names correct?
mail.contoso.com
autodiscover.contoso.com
legacy.contoso.com  (do I actually put legacy on the certificate, or is it the name of the exchange 2003 server)

Lastly, on the link above it explains how to "configure the exchange 2003 URL property on the /OWA virtual directory"  It says this is necessary for exchange 2003 and exchange 2010 to coexist.  (I will need these servers to coexist for awhile) Then it shows the syntax for the command.  My exchange 2003 URL would be "http" since I'm not using ssl on the exchange 2003 server right?  Could someone show me what the command would look like in my above situation.  Thanks.
LVL 4
denver218Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

BusbarSolutions ArchitectCommented:
you will have to install the SSL certificate on the Exchange server and configure FBA for the redirection to work.
you will create a record that says legacy.exchange.com maps to the exchange frontend server and mail.contoso.com maps to CAS array.
configure the FBA on the exchange 2003 and use shreedhar command to configure the Exchange 2010 OWA and you are done
0
denver218Author Commented:
Thanks.  So I actually use the name "legacy", not the hostname of the exchange 2003 server?

So I will have to install an SSL certificate on the exchange 2003 server as well as the 2010 CAS server right?  Redirection won't work, if exch 2003 is not using SSL and exch 2010 is using SSL right?  Thanks for all your assistance.

0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

BusbarSolutions ArchitectCommented:
just to remind you, redirection will work if the 2003 server uses SSL and FBA
0
denver218Author Commented:
thanks.  As far as a certificate.  Do I need to get a separate certificate for both exchange 2003 and exchange 2010 or can I use the same one, and just have the proper name on it?
0
BusbarSolutions ArchitectCommented:
you can use a single UCC certificate that has the legac and mail names inside it, I prefer godaddy
0
denver218Author Commented:
Thanks busbar, So my Certifcates should have the following names right?

mail.contoso.com (CAS Array)
autodiscover.contoso.com
legacy.contoso.com (exchange 2003)

On the Certificate "legacy.contoso.com" Do I use the word legacy or use the actual name of my exchange 2003 server?  Then I will install this certifcate on Exchange 2003 and Exchange 2010
0
BusbarSolutions ArchitectCommented:
the certificate names are correct.
for legacy you can use any name that you can configure on public DNS, i prefer mail and oldmail, but this is me, you can choose any name you want but make sure to reflect that correctly in the exchange 2010 cmdlet used to configure the exchange 2003 URL
0
denver218Author Commented:
Thanks.  Lastly and I will award points.  Can I just use a wildcard certificate for this?  (*.contoso.com)  Thanks
0
BusbarSolutions ArchitectCommented:
yup
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
denver218Author Commented:
Thanks
0
Kenny UgbaCommented:
Please I need help in migrating from exchange 2003SP2  to exchange 2010 SP3
The old setup is 2 servers one with the mailbox and the other handles every other roles  including the certificates authority.

I have followed the instructions online and set up 3 Servers
1. Mailbox role
2.CAS and transport
3. Certificate authority
I have only one domain with about a 1000 users.

I need help setting up the CAS and also transferring all the certificates to the new one.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.