Solved

Different Certificates for ActiveSync and OWA (Exchange 2010)

Posted on 2010-09-10
6
1,504 Views
Last Modified: 2012-05-10
Hi there,

I was wondering if it was possible to use two different certificates and URL's for Activesync and OWA in Exchange 2010.
I want to use the following URL's:
- webmail.domain.com
- sync.domain.com

I have created two certificates with a public CA but found out that you can only apply 1 certificate to a service.

The reason why i want to do this is simple, we want users to authenticate with username, token and password for OWA and not for the activesync connection.

Any thoughts on this problem?
0
Comment
Question by:Netwerkbeheer_AZL
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 33645193
They both use IIS (active sync and OWA) so NO you cant have two differnet certificates - unless you install a second client access server.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33645203
yes, you will need to create a new web site on the server then add the virtual directory
new-activesyncvirtualdirectory
0
 
LVL 33

Expert Comment

by:Busbar
ID: 33645281
you can create a new website and then create a new activesync directory under it
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 5

Accepted Solution

by:
ThrainSonOfTimor earned 500 total points
ID: 33645741
There are multiple possibilities:
- Use a SAN certificate
- Create a new binding and use another port (444) instead of 443. Use the second certificate. This can get complicated though because of port forwarding settings on the firewall so I don't recommend this option
- Use two IP adresses and create two bindings for SSL on the two IP adresses with a different certificate. Configure dns to use the right IP address.
- create a new website and new virtual directory as stated above.
0
 
LVL 49

Expert Comment

by:Akhater
ID: 33649129
The easiest way to do it is to replace your 2 certificates with one SAN (or UCC) certificate,

a SAN = Subject Alternate Name is a certificate that is used to identify more than one URL and it is very well supported in exchange 2007/2010

Just get a SAN certificate with all your needed URLs and enable it in Exchange
0
 

Author Closing Comment

by:Netwerkbeheer_AZL
ID: 33670207
Thnx, the SAN certificate worked ;)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question