Purchasing new SAN Cert for Exchange 2010 server during coexistence

All my users are on a single Exchange server and use Outlook,OWA and ActiveSync to connect.  There is a third party SSL certificate on this server that uses the name "mail.mycompany.com".

I've just installed Exchange 2010 on a new server that will coexist with the existing 2003 server for a few weeks while I get everyone moved over.  I'm just about to order a new SAN certificate, but was wondering about the name "mail.mycompany.com".  Since it is currently being used on the 2003 server, can I go ahead and order the new SAN certificate, which will include "mail.mycompany.com"(which will point to the new server after I change my NAT policy to point to the new server) without any ill effects on the current server?

Basically just wondering if I order this new cert, will it somehow invalidate the current certificate being used on the 2003 server because both certs will reference "mail.mycompany.com"....?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

tenoverAuthor Commented:
Also- Since it looks like I need to install this new SAN cert on both the 2010 Exchange server AND also replace the the current certificate with this new one on the Exchange 2003 server, do I need to include the NETBIOS/machine name of the Exchange 2003 server on this new cert as well?  Currently ready to go with the follwoing:


If you are planning to use the same cert. vendor:
> you can reuse the same validity months\years and ask for a new SAN Certificate
They will give a 2-3 days of overlap period and then revoke the older single certificate.

So, you can ask for a new SAN Certificate including the mail.mycompany.com ....then install the same cert. on both the E2010 and E2k3 servers
(just E2k3 wont expect\respect the other SAN values...should stay with the issued-to value)

>> No need to add the nebios-name\machine-name of the E2k3 servers in the SAN values.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.