Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

SSL Cert for .local domain inside and .com outside

Posted on 2010-09-21
3
823 Views
Last Modified: 2012-06-22
I have a SBS2003 server running Exchange 2003, I need to get Droids and iPhones to connect to Activesync, and of course need a 3rd party Cert.

Here’s my problem.
My internal network is: mynetwork.local
Our email domain is: myWebDomain.com
A SSL Cert for myWebDomain.com won’t recognize a .local domain name which is where the Exchange mail server lives
I know I need a mutli domain SSL Certificate and can get it from GoDaddy cheaply but how do I generate the right CSR?
Do I generate the correct CSR in IIS
      From the Default Website
      Echange
      ExAdmin
      Microsoft-Server-ActiveSync

Do I need a second CSR for mynetwork.local or do I just include mynetwork.local in the SSL request as one of the domains?
What do I do about webmail.myWebDomain.com which points to Outlook Web Access.

I have the same problem with SBS2008 and Exchange 2007 which an entirely different beast. For that I have to do it from Command Line
0
Comment
Question by:ics-pc
3 Comments
 
LVL 16

Expert Comment

by:uescomp
ID: 33729384
I use this online tool to generate certificate requests:

https://www.digicert.com/easy-csr/exchange2007.htm

It says its for Exchange 2007 but I believe it will work for 2003 as well.
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 33730200
the public cert CSR , you can do it from IIS.

you can use a free public CA (startssl.com) it works as same as godaddy, but free!!

the internal cert, you can generate it from a local CA by request a new cert using computer account  certificate MMC console.
0
 

Accepted Solution

by:
ics-pc earned 0 total points
ID: 33929568
Created the CSR normally and added both the .local and .com to it.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question