Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Exchange 2010 CAS / OWA certificate

Posted on 2010-09-20
4
Medium Priority
?
893 Views
Last Modified: 2012-05-10
Hi Experts,

I'm setting up Exchange 2010 and wanted to make sure I am requesting my SSL certificate correctly for OWA, CAS Servers and DAG servers.  I wasn't certain if I needed to request it with the names for all 3 or just the OWA common name.

I won't be using Outlook Anywhere or Autodiscover over the Internet.  All e-mail traffic will be via OWA or Outlook with VPN / Local Access.

Should I just put in:

owa.mydomain.com (Outlook Web App URL)
cas-array.mydomain.com (Client Access Array URL)
dag.mydomain.com (Database Availability Group URL)

Do I need to put in the names of the individual CAS and DAG member servers as well?

Any help would be most appreciated since I don't want to put more information in the certificate request than is needed but also want to make sure i have everything covered.

Thanks very much!
0
Comment
Question by:cja777
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 32

Expert Comment

by:endital1097
ID: 33721414
do you have an internal dns zone for your external facing domain name?
if you do, then you don't need to add each server within the cert

you also don't need cas-array or dag
0
 

Author Comment

by:cja777
ID: 33721457
I have a forward lookup zone for site.mydomain.com (internal) and mydomain.com (external)

I have A records created for owa.site.mydomain.com and owa.mydomain.com

both accessible from inside my domain with the self signed certificate.  I get the expected error since it's not signed by a trusted CA.

So you're saying once it has the OWA URL exchange should be smart enough to figure out the rest?  It just needs the OWA Common Name?
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 1000 total points
ID: 33721472
your certificate needs to contain all fqdn values that will be used by exchange
since your internal and external domain names are different you need a minimum of two names in your certificate

owa.site.mydomain.com
owa.mydomain.com

you will configure the internal url values for all virtual directories with owa.site.mydomain.com and the external url values with owa.mdomain.com
0
 

Author Closing Comment

by:cja777
ID: 33721483
Excellent, thanks very much for the clarification.
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question