• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 676
  • Last Modified:

Exchange 2010 SAN Certificates for NLB Cas

Hi Experts,

Just a quick check.

I'm transitioning from Exchange 2003 to Exchange 2010. Will have 2 CAS/HT with NLB on them.

Will have the following addresses:

cas01.example.net (Cas server 01)
cas02.example.net (cas server 02)
nlb.example.net (nlb address)
webmail.example.com (owa access from inside and outside)

Example.Net is our internal AD Domain
Example.com is our External Email Domain

What FQDN's must be on SAN certificate? I don't want to expose my internal server's name on the internet by adding them to the certificate. But autodiscover must work on both sides.

Tks for the help.

Rodrigo Garcone
  • 2
  • 2
1 Solution
what you NEED in your san is


if you don't want to expose your internal domain to the outside and you can create internally a dns zone for external.com then all you need is the above. if not you need to add webmail.internal.com
garconerAuthor Commented:
What about the CAS Servers FQDN's? Shouldn't be in the SAN Certificate for internal mail accessing?
no in 2010  they dont need to be in the san
garconerAuthor Commented:
That's it! No need for Netbios and other stuff here.

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now