Solved

Different Certificates for ActiveSync and OWA (Exchange 2010)

Posted on 2010-09-10
6
1,499 Views
Last Modified: 2012-05-10
Hi there,

I was wondering if it was possible to use two different certificates and URL's for Activesync and OWA in Exchange 2010.
I want to use the following URL's:
- webmail.domain.com
- sync.domain.com

I have created two certificates with a public CA but found out that you can only apply 1 certificate to a service.

The reason why i want to do this is simple, we want users to authenticate with username, token and password for OWA and not for the activesync connection.

Any thoughts on this problem?
0
Comment
Question by:Netwerkbeheer_AZL
6 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 33645193
They both use IIS (active sync and OWA) so NO you cant have two differnet certificates - unless you install a second client access server.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33645203
yes, you will need to create a new web site on the server then add the virtual directory
new-activesyncvirtualdirectory
0
 
LVL 33

Expert Comment

by:Busbar
ID: 33645281
you can create a new website and then create a new activesync directory under it
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Accepted Solution

by:
ThrainSonOfTimor earned 500 total points
ID: 33645741
There are multiple possibilities:
- Use a SAN certificate
- Create a new binding and use another port (444) instead of 443. Use the second certificate. This can get complicated though because of port forwarding settings on the firewall so I don't recommend this option
- Use two IP adresses and create two bindings for SSL on the two IP adresses with a different certificate. Configure dns to use the right IP address.
- create a new website and new virtual directory as stated above.
0
 
LVL 49

Expert Comment

by:Akhater
ID: 33649129
The easiest way to do it is to replace your 2 certificates with one SAN (or UCC) certificate,

a SAN = Subject Alternate Name is a certificate that is used to identify more than one URL and it is very well supported in exchange 2007/2010

Just get a SAN certificate with all your needed URLs and enable it in Exchange
0
 

Author Closing Comment

by:Netwerkbeheer_AZL
ID: 33670207
Thnx, the SAN certificate worked ;)
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exporting days since LastLogonTime 5 30
Exchange 2016 Installation 8 36
Exchange 2010 to 2016 Public Folder Migration 7 44
Remote Powershell Issue 3 29
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question