Different Certificates for ActiveSync and OWA (Exchange 2010)

Hi there,

I was wondering if it was possible to use two different certificates and URL's for Activesync and OWA in Exchange 2010.
I want to use the following URL's:
- webmail.domain.com
- sync.domain.com

I have created two certificates with a public CA but found out that you can only apply 1 certificate to a service.

The reason why i want to do this is simple, we want users to authenticate with username, token and password for OWA and not for the activesync connection.

Any thoughts on this problem?
Netwerkbeheer_AZLAsked:
Who is Participating?
 
ThrainSonOfTimorConnect With a Mentor Commented:
There are multiple possibilities:
- Use a SAN certificate
- Create a new binding and use another port (444) instead of 443. Use the second certificate. This can get complicated though because of port forwarding settings on the firewall so I don't recommend this option
- Use two IP adresses and create two bindings for SSL on the two IP adresses with a different certificate. Configure dns to use the right IP address.
- create a new website and new virtual directory as stated above.
0
 
Pete LongTechnical ConsultantCommented:
They both use IIS (active sync and OWA) so NO you cant have two differnet certificates - unless you install a second client access server.
0
 
endital1097Commented:
yes, you will need to create a new web site on the server then add the virtual directory
new-activesyncvirtualdirectory
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
BusbarSolutions ArchitectCommented:
you can create a new website and then create a new activesync directory under it
0
 
AkhaterCommented:
The easiest way to do it is to replace your 2 certificates with one SAN (or UCC) certificate,

a SAN = Subject Alternate Name is a certificate that is used to identify more than one URL and it is very well supported in exchange 2007/2010

Just get a SAN certificate with all your needed URLs and enable it in Exchange
0
 
Netwerkbeheer_AZLAuthor Commented:
Thnx, the SAN certificate worked ;)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.