Creating an SSL certificate for Exchange 2010

Posted on 2011-11-01
Last Modified: 2012-05-12
I am going to purchase an SSL certificate for a new Exchange 2010 server that I'm setting up, but it's been a while since I did this last.  I would like to use OWA and Outlook anywhere, so I need some advice as to what domain names and SAN's to put in the certificate.

Let's say that my mailserver is called: mail-pc

The FQDN is mail-pc.mydomain.internal

Our MX record resolves to

What names do I include (such as autodiscover) to ensure I get the cert right first time?
Question by:icuadmin
    LVL 9

    Accepted Solution

    Lets say your external domain is called and there is A records and pointing to your CAS server
    You will only need a SAN including and
    This is optimal but you will need for your internal users to implement a Split DNS wich is great because users will have the same experience inside and outside the domain.
    -they wont have to enter internally https://mail-pc.mydomain.internal/owa but /owa everywhere
    Split DNS = To create an internal DNS zone with the same name as your external ( ) and pointing A record "mail" to your local IP address of exchange
    You will also have to change the internal URLs of Exchange virtual directories following this KB:
    You other option is to include internal names in the SAN but this is not recomended at all
    using the default self signed certificates of Exchange but only for SMTP and assign you purchassed certificate for IIS

    LVL 6

    Assisted Solution

    LVL 1

    Author Closing Comment


    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    Join & Write a Comment

    Email statistics and Mailbox database quotas You might have an interest in attaining information such as mailbox details, mailbox statistics and mailbox database details from Exchange server. At that point, knowing how to retrieve this information …
    To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
    The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now