Solved

install ssl certificate for outlook anywhere with x.local

Posted on 2011-02-14
4
545 Views
Last Modified: 2012-05-11
We want to install a ssl certificate for outlook anywhere but our domain has x.local in the name, how do we proceed ?
For exemble our real domain is 123.local but our FQDM is 123.com
We are not able to vaidate a certifite with a ".local" in the name. So when it works from the inside it doesn't from the outside and vice versa.
How can we solve this ?
0
Comment
Question by:eric_tardif
  • 2
  • 2
4 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 500 total points
ID: 34890949

>> We want to install a ssl certificate for outlook anywhere but our domain has x.local in the name, how do we proceed ?

You can do this no problem -- you need to buy what is known as a Subject Alternate Name (SAN) certificate from a trusted third-party reseller. This enables you to include BOTH your 123.com and 123.local domains as valid names which the certificate will work for.

As a general rule of thumb, you need to include the following names in your certificate request:
autodiscover.123.com
owa.123.com
servername.domain.local
servername

Replace owa with the name of the domain you log in to OWA/Exchange ActiveSync externally with -- you might use, for example, mail or webmail as the subdomain instead.

If you're using Exchange 2010, there is a handy wizard on the Server Configuration page of Exchange Management Console to walk you through the steps of generating your certificate request. Alternatively, Digicert have a nifty tool: https://www.digicert.com/easy-csr/exchange2007.htm.

If you don't have a preference over third party suppliers, my usual recommendation is GoDaddy. SAN certificates cost next to nothing and eliminate the issues you have without one.

-Matt
0
 

Author Comment

by:eric_tardif
ID: 34891304
Hi,
Good answer thanks. Question: i don't see SAN certificate on GOdaddy. Is it the samething as UCC ? i think i bought a UCC before and i was not able to put a .local in my certificate. Am i worng ?
Thanks.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 34891366

Yep, it is. SAN and UCC are the same thing.

You can certainly include a .local name in a SAN certificate. I source all certificates from GoDaddy for all my clients (some of which have fairly complex Exchange deployments) and have no issues including their .local name in the certificate.

-Matt
0
 

Author Closing Comment

by:eric_tardif
ID: 34897092
Very Fast.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Find out what you should include to make the best professional email signature for your organization.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now