We already own certificates and more importantly a wildcard certificate for our domain. During the upgrade to Exchange 2010 from Exchange 2003, we need to make sure that we can use the wildcard to minimize downtime. If we were to request new certificates, we would have to revoke the current certificates meaning we'd have untrusted connections for end-users until we get the new certificate generated.
If we use a wildcard certificate on our externally facing Load Balancers and do self signed certificates internally, will this work for Exchange 2010 and 2003 during coexistence? I seem to think it will since the wildcard is a catch-all and will work for the new legacy.domain.com and the older mail.domain.com along with autodiscover.domain.com.
Can we do this?