Solved

SSL Cert for .local domain inside and .com outside

Posted on 2010-09-21
3
821 Views
Last Modified: 2012-06-22
I have a SBS2003 server running Exchange 2003, I need to get Droids and iPhones to connect to Activesync, and of course need a 3rd party Cert.

Here’s my problem.
My internal network is: mynetwork.local
Our email domain is: myWebDomain.com
A SSL Cert for myWebDomain.com won’t recognize a .local domain name which is where the Exchange mail server lives
I know I need a mutli domain SSL Certificate and can get it from GoDaddy cheaply but how do I generate the right CSR?
Do I generate the correct CSR in IIS
      From the Default Website
      Echange
      ExAdmin
      Microsoft-Server-ActiveSync

Do I need a second CSR for mynetwork.local or do I just include mynetwork.local in the SSL request as one of the domains?
What do I do about webmail.myWebDomain.com which points to Outlook Web Access.

I have the same problem with SBS2008 and Exchange 2007 which an entirely different beast. For that I have to do it from Command Line
0
Comment
Question by:ics-pc
3 Comments
 
LVL 16

Expert Comment

by:uescomp
Comment Utility
I use this online tool to generate certificate requests:

https://www.digicert.com/easy-csr/exchange2007.htm

It says its for Exchange 2007 but I believe it will work for 2003 as well.
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
Comment Utility
the public cert CSR , you can do it from IIS.

you can use a free public CA (startssl.com) it works as same as godaddy, but free!!

the internal cert, you can generate it from a local CA by request a new cert using computer account  certificate MMC console.
0
 

Accepted Solution

by:
ics-pc earned 0 total points
Comment Utility
Created the CSR normally and added both the .local and .com to it.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now