Solved

One SSL Cert on Two Exchange Servers

Posted on 2012-03-20
6
367 Views
Last Modified: 2012-08-13
I have purchase one SSL "Not Wild Card" and applied them to both Exchange Servers is a DAG Cluster. When I connect Outlook to one Exchange server I do not get any SSL Cert errors.

When I connect to the other Exchange server I get the following Error.

The name on the security certificate is invalid or does not match the name of the site.

Do you want to proceed.

Do I need to purchase Separate certificates for each Exchange Server?

Thanks.
0
Comment
Question by:fly4fundy
6 Comments
 

Expert Comment

by:Skiff_Rat
ID: 37743209
This can be a number of different issues.  What version of exchange are you running for this?  and for your SSL cert do you have a UCC cert or a single domain cert?
0
 
LVL 38

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 37743230
If you are accessing the servers using different names, you would either need a separate cert for each server or a single cert that has multiple host names listed (Subject Alternate Names, or SAN)
0
 
LVL 12

Expert Comment

by:tgtran
ID: 37743346
What you need is a SAN cert with URL/FQDN of both servers.  Since you mentioned DAG, you must be running Exchange 2010.  In this case, the cert should be on CAS instead
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:fly4fundy
ID: 37743761
The server is Exchange 2010 and the certificate is a single domain cert named webmail.hsag.com. Each server is a CAS Server.

Do I have to get a Certificate named somethingelse.hsag.com

Thank. you.
0
 
LVL 38

Assisted Solution

by:Adam Brown
Adam Brown earned 500 total points
ID: 37743770
Unless you have load balancing enabled and webmail.hsag.com points to the Virtual IP Address of the Load Balancer Virtual IP, yes, you would need an additional certificate for the other server or a certificate that has both hostnames imported on both computers.
0
 

Author Comment

by:fly4fundy
ID: 37743778
Nope no load balancer to speak of.

Thank you.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Log files are useful in diagnosing and repairing problems.  This is a list of common log files and their standard locations that I've compiled.   While this is not exhaustive, it is a pretty good list that I've found to be useful.  I may update it f…
This is a little timesaver I have been using for setting up Microsoft Small Business Server (SBS) in the simplest possible way. It may not be appropriate for every customer. However, when you get a situation where the person who owns the server is i…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now