How to handle certificate(s)s when migrating from exchange 2003>2010 with no downtime.
Posted on 2011-09-23
I am about to migrate a customers exchange 2003>2010. I will not be able to migrate all mailboxes at the same time so i have to have a co-op working solution. And i need help to see if i am thinking the right way regarding webmail certificate to have no downtime on mobile sync etc if the mailbox is still on exchange 2003 or moved to 2010.
Is this the correct way to go about it?
- I buy a new san certificate. In it i put current webmail address, autodiscover record and new legacy name for exchange 2003.
- I install this certificate on exchange 2010. Change correct path etc to point exchange 2003 to the legacy name.
- Export the certificate from exchange 2010.
- Import and replace exchange 2003 certificate with that certificate.
- Change firewall to point to exchange 2010.
Mobile sync is still on same webmailaddress. Exchange 2010 will redirect internally if user has the mailbox still on exchange 2003.
Is this correct? If not please give instructions on better solution.
If this is correct it would also be great to have exact scripts needed to set correct addresses on exchange 2010 server for webmail, autodiscover,legacy and how to export the cert from exchange 2010.
Thanks in advance.