exchange 2003, SSL certificates question

Posted on 2011-10-31
Last Modified: 2012-05-12
Hey All,

I have a client that I just installed 2 internet lines for. They have 2 static IP addresses. We have an SSL certificate installed on the server, but I get a certificate error when I go to OWA from the secondary IP address (the line we just installed).

Do I need a new certificate that can properly cover both IP addresses? What kind of certificate would I need?
Question by:tamaneri
    LVL 1

    Accepted Solution


    How many exchange servers do you have and what version? I am assuming you have more than one exchange server and if that it is the case have you done any load balancing for OWA?

    Certificate should be in the name of the URL published on the internet. So if you have 2 URLs published on the internet then you need to ensure that both the URLs are present on the certificate.

    If you can provide your network topology details properly, then perhaps I can help you out.

    LVL 13

    Assisted Solution


    Do you setup your exchange for more than 2 OWA? Yup, a diagram would be better.

    It is ok to have many lines to a server, however, the important thing is to have cert on the server that reflect to the NS name of the server. So that both line, let say and is refer to same address, Usually this done by for server load balance with DNS round robin.

    So, what cert you need? If you have different name, like and then you need to:
    1. Have 2 cert, one for each name
    1. Just one wildcard cert that can handle both name. Like how I setup my mail server ( and - both are different server)

    If you just have one NS name and ONE server only, one cert is enough for your server for both line (I assume both line connected ot your server).

    If you have one NS name but 2 servers (one for each line), you may need to carefull created the CSR using exportable private key, so that when you deploy the cert on one server you can easily export them as PFX file and import it into second server.

    Godaddy have cheap cert, and it works.
    LVL 3

    Author Comment

    Hey guys,

    totally a noob mistake. I just realized I got the certificate error because I browsed to the site via IP. I am having the guys that manage the DNS configure a round-robin DNS so that both public IP addresses (both internet lines) resolve to my A record (

    Just since you guys were interested:

    2 internet lines coming into a SonicWALL TZ-210. Only 1 exchange server. I am setting up fail-over on the Sonicwall. Need both public IP addresses to resolve to a single A record.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Promote certifications in your email signature

    Has your company recently won an award or achieved a certification? They'll no doubt want to show it off. Email signature images used to promote certifications & awards can instantly establish credibility with a recipient and provide you with numerous benefits.

    Find out how to use dynamic social media in email signatures with this top 10 DOs & DON’Ts.
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
    The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now