Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 564
  • Last Modified:

install ssl certificate for outlook anywhere with x.local

We want to install a ssl certificate for outlook anywhere but our domain has x.local in the name, how do we proceed ?
For exemble our real domain is 123.local but our FQDM is 123.com
We are not able to vaidate a certifite with a ".local" in the name. So when it works from the inside it doesn't from the outside and vice versa.
How can we solve this ?
0
eric_tardif
Asked:
eric_tardif
  • 2
  • 2
1 Solution
 
tigermattCommented:

>> We want to install a ssl certificate for outlook anywhere but our domain has x.local in the name, how do we proceed ?

You can do this no problem -- you need to buy what is known as a Subject Alternate Name (SAN) certificate from a trusted third-party reseller. This enables you to include BOTH your 123.com and 123.local domains as valid names which the certificate will work for.

As a general rule of thumb, you need to include the following names in your certificate request:
autodiscover.123.com
owa.123.com
servername.domain.local
servername

Replace owa with the name of the domain you log in to OWA/Exchange ActiveSync externally with -- you might use, for example, mail or webmail as the subdomain instead.

If you're using Exchange 2010, there is a handy wizard on the Server Configuration page of Exchange Management Console to walk you through the steps of generating your certificate request. Alternatively, Digicert have a nifty tool: https://www.digicert.com/easy-csr/exchange2007.htm.

If you don't have a preference over third party suppliers, my usual recommendation is GoDaddy. SAN certificates cost next to nothing and eliminate the issues you have without one.

-Matt
0
 
eric_tardifAuthor Commented:
Hi,
Good answer thanks. Question: i don't see SAN certificate on GOdaddy. Is it the samething as UCC ? i think i bought a UCC before and i was not able to put a .local in my certificate. Am i worng ?
Thanks.
0
 
tigermattCommented:

Yep, it is. SAN and UCC are the same thing.

You can certainly include a .local name in a SAN certificate. I source all certificates from GoDaddy for all my clients (some of which have fairly complex Exchange deployments) and have no issues including their .local name in the certificate.

-Matt
0
 
eric_tardifAuthor Commented:
Very Fast.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now