Solved

Certificate Type For Exchange

Posted on 2012-04-04
6
355 Views
Last Modified: 2012-04-04
Hello,

I am working on getting our first exchange server up and running. The server is SBS 2011 with exchange 2010. We will have mobile devices that will access exchange remotely as well as internally on our network.

Since our outside IP address will be different from our internal IP address do I need to worry about the type of SSL certificate I need to buy or will any trusted certificate work?

Also, is there a certain provider that will provide the best compatibility across platforms?

Thank you in advance.
0
Comment
Question by:Pawel_Kowalski
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37808449
To make Exchange 2010 happy which comes with SBS 2011, you would be best advised to buy a SAN / UCC certificate (multi-name) with a minimum of 5 names including:

remote.externaldomain.com (or whatever you configure SBS to use)
autodiscover.externaldomain.com
servername.internaldomain.local
servername
sites

GoDaddy are about the cheapest place to buy but a GoDaddy Reseller account is cheaper still.
0
 

Author Comment

by:Pawel_Kowalski
ID: 37808457
Thank you! Would I map the external IP to the .com and the internal IP to all others? Or is there a way to have 2 IPs for each domain on the certificate?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37808469
There is no mapping of IP's.  You need to make sure that your MX record points to your Public IP Address and that port 25 is open to receive emails, port 443 is open for HTTPS which is used by Mobile Devices to connect, port 987 for Sharepoint if you use it, port 80 if you host a website and port 4125 for Remote Web Workplace.

What are you thinking you have to do with IP's / domain names?
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 

Author Comment

by:Pawel_Kowalski
ID: 37808511
I thought that you had to have a dedicated IP address mapped to the SSL certificate. Am I wrong on that assumption? Thanks again
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 37808523
As long as you have a Fixed IP Address for your server and the right DNS records pointing to the Fixed IP Address you will be fine.  There is no association between an SSL cert and an IP address - the cert only has Fully Qualified Domain Names in it and those names need to either resolve externally to your Public IP address or internally to your server.
0
 

Author Comment

by:Pawel_Kowalski
ID: 37808679
Great to know. Thank you!
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question