• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 836
  • Last Modified:

SSL Cert for .local domain inside and .com outside

I have a SBS2003 server running Exchange 2003, I need to get Droids and iPhones to connect to Activesync, and of course need a 3rd party Cert.

Here’s my problem.
My internal network is: mynetwork.local
Our email domain is: myWebDomain.com
A SSL Cert for myWebDomain.com won’t recognize a .local domain name which is where the Exchange mail server lives
I know I need a mutli domain SSL Certificate and can get it from GoDaddy cheaply but how do I generate the right CSR?
Do I generate the correct CSR in IIS
      From the Default Website
      Echange
      ExAdmin
      Microsoft-Server-ActiveSync

Do I need a second CSR for mynetwork.local or do I just include mynetwork.local in the SSL request as one of the domains?
What do I do about webmail.myWebDomain.com which points to Outlook Web Access.

I have the same problem with SBS2008 and Exchange 2007 which an entirely different beast. For that I have to do it from Command Line
0
ics-pc
Asked:
ics-pc
1 Solution
 
uescompCommented:
I use this online tool to generate certificate requests:

https://www.digicert.com/easy-csr/exchange2007.htm

It says its for Exchange 2007 but I believe it will work for 2003 as well.
0
 
Suliman Abu KharroubIT Consultant Commented:
the public cert CSR , you can do it from IIS.

you can use a free public CA (startssl.com) it works as same as godaddy, but free!!

the internal cert, you can generate it from a local CA by request a new cert using computer account  certificate MMC console.
0
 
ics-pcAuthor Commented:
Created the CSR normally and added both the .local and .com to it.
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now