Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

install ssl certificate for outlook anywhere with x.local

Posted on 2011-02-14
4
Medium Priority
?
553 Views
Last Modified: 2012-05-11
We want to install a ssl certificate for outlook anywhere but our domain has x.local in the name, how do we proceed ?
For exemble our real domain is 123.local but our FQDM is 123.com
We are not able to vaidate a certifite with a ".local" in the name. So when it works from the inside it doesn't from the outside and vice versa.
How can we solve this ?
0
Comment
Question by:eric_tardif
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 2000 total points
ID: 34890949

>> We want to install a ssl certificate for outlook anywhere but our domain has x.local in the name, how do we proceed ?

You can do this no problem -- you need to buy what is known as a Subject Alternate Name (SAN) certificate from a trusted third-party reseller. This enables you to include BOTH your 123.com and 123.local domains as valid names which the certificate will work for.

As a general rule of thumb, you need to include the following names in your certificate request:
autodiscover.123.com
owa.123.com
servername.domain.local
servername

Replace owa with the name of the domain you log in to OWA/Exchange ActiveSync externally with -- you might use, for example, mail or webmail as the subdomain instead.

If you're using Exchange 2010, there is a handy wizard on the Server Configuration page of Exchange Management Console to walk you through the steps of generating your certificate request. Alternatively, Digicert have a nifty tool: https://www.digicert.com/easy-csr/exchange2007.htm.

If you don't have a preference over third party suppliers, my usual recommendation is GoDaddy. SAN certificates cost next to nothing and eliminate the issues you have without one.

-Matt
0
 

Author Comment

by:eric_tardif
ID: 34891304
Hi,
Good answer thanks. Question: i don't see SAN certificate on GOdaddy. Is it the samething as UCC ? i think i bought a UCC before and i was not able to put a .local in my certificate. Am i worng ?
Thanks.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 34891366

Yep, it is. SAN and UCC are the same thing.

You can certainly include a .local name in a SAN certificate. I source all certificates from GoDaddy for all my clients (some of which have fairly complex Exchange deployments) and have no issues including their .local name in the certificate.

-Matt
0
 

Author Closing Comment

by:eric_tardif
ID: 34897092
Very Fast.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question