Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

SSL Cert for .local domain inside and .com outside

Posted on 2010-09-21
3
Medium Priority
?
834 Views
Last Modified: 2012-06-22
I have a SBS2003 server running Exchange 2003, I need to get Droids and iPhones to connect to Activesync, and of course need a 3rd party Cert.

Here’s my problem.
My internal network is: mynetwork.local
Our email domain is: myWebDomain.com
A SSL Cert for myWebDomain.com won’t recognize a .local domain name which is where the Exchange mail server lives
I know I need a mutli domain SSL Certificate and can get it from GoDaddy cheaply but how do I generate the right CSR?
Do I generate the correct CSR in IIS
      From the Default Website
      Echange
      ExAdmin
      Microsoft-Server-ActiveSync

Do I need a second CSR for mynetwork.local or do I just include mynetwork.local in the SSL request as one of the domains?
What do I do about webmail.myWebDomain.com which points to Outlook Web Access.

I have the same problem with SBS2008 and Exchange 2007 which an entirely different beast. For that I have to do it from Command Line
0
Comment
Question by:ics-pc
3 Comments
 
LVL 16

Expert Comment

by:uescomp
ID: 33729384
I use this online tool to generate certificate requests:

https://www.digicert.com/easy-csr/exchange2007.htm

It says its for Exchange 2007 but I believe it will work for 2003 as well.
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 33730200
the public cert CSR , you can do it from IIS.

you can use a free public CA (startssl.com) it works as same as godaddy, but free!!

the internal cert, you can generate it from a local CA by request a new cert using computer account  certificate MMC console.
0
 

Accepted Solution

by:
ics-pc earned 0 total points
ID: 33929568
Created the CSR normally and added both the .local and .com to it.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question