• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 562
  • Last Modified:

install ssl certificate for outlook anywhere with x.local

We want to install a ssl certificate for outlook anywhere but our domain has x.local in the name, how do we proceed ?
For exemble our real domain is 123.local but our FQDM is 123.com
We are not able to vaidate a certifite with a ".local" in the name. So when it works from the inside it doesn't from the outside and vice versa.
How can we solve this ?
0
eric_tardif
Asked:
eric_tardif
  • 2
  • 2
1 Solution
 
tigermattCommented:

>> We want to install a ssl certificate for outlook anywhere but our domain has x.local in the name, how do we proceed ?

You can do this no problem -- you need to buy what is known as a Subject Alternate Name (SAN) certificate from a trusted third-party reseller. This enables you to include BOTH your 123.com and 123.local domains as valid names which the certificate will work for.

As a general rule of thumb, you need to include the following names in your certificate request:
autodiscover.123.com
owa.123.com
servername.domain.local
servername

Replace owa with the name of the domain you log in to OWA/Exchange ActiveSync externally with -- you might use, for example, mail or webmail as the subdomain instead.

If you're using Exchange 2010, there is a handy wizard on the Server Configuration page of Exchange Management Console to walk you through the steps of generating your certificate request. Alternatively, Digicert have a nifty tool: https://www.digicert.com/easy-csr/exchange2007.htm.

If you don't have a preference over third party suppliers, my usual recommendation is GoDaddy. SAN certificates cost next to nothing and eliminate the issues you have without one.

-Matt
0
 
eric_tardifAuthor Commented:
Hi,
Good answer thanks. Question: i don't see SAN certificate on GOdaddy. Is it the samething as UCC ? i think i bought a UCC before and i was not able to put a .local in my certificate. Am i worng ?
Thanks.
0
 
tigermattCommented:

Yep, it is. SAN and UCC are the same thing.

You can certainly include a .local name in a SAN certificate. I source all certificates from GoDaddy for all my clients (some of which have fairly complex Exchange deployments) and have no issues including their .local name in the certificate.

-Matt
0
 
eric_tardifAuthor Commented:
Very Fast.
0

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now