Certificate Request For Exchange On SBS2011

Hello,

I followed advice from an earlier question and got a UCC certificate from GoDaddy for 5 domains. My server is set up to use remote.externaldomain.com

The 5 domains I was going to secure were:

remote.externaldomain.com
autodiscover.externaldomain.com
servername.internaldomain.local
servername
sites

However, when I create the request using SBS2011 console the request already has the following 2 domains added in to it:

externaldomain.com
servername.domain.local

This would force me to have 6 domains since i also need to add externaldomain.com

Why is SBS2011 creating the certificate under externaldomain.com, shouldn't it be using remote.externaldomain.com?

Thank you.
Pawel_KowalskiAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Alan HardistyCo-OwnerCommented:
How are you creating the Certificate request?  Via the SBS Console Wizard or the Exchange New Certificate Wizard?  I always use the latter and this always works for me.

EMC> Server Config> New Certificate Request Wizard
0
Pawel_KowalskiAuthor Commented:
I used the sbs console. Will exchange set up remote web workplace for me? Should I worry about SBS console not creating a proper request?
0
Alan HardistyCo-OwnerCommented:
RWW is setup by running the SBS Wizards, so that should already have been done.

I use the Exchange Wizard - expand all the sections, fill in the relevant FQDN (internal / External) and then at the bottom, add servername and sites (deleting what is already there) and then click next - check the 5 names you want (which are correct from your list by the way) are listed and if not, go back and correct the Wizard), then once they are correct, set the correct common name remote.domain.com and click next and complete the wizard.

Then take the CSR to GoDaddy and run through the Certificate Request.

Once approved, you need to import and enable the wizard as follows:

Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\remote.yourdomain.com.crt -Encoding byte -ReadCount 0)) | Enable-ExchangeCertificate -Services IIS,POP,IMAP,SMTP

Change the remote.yourdomain.com.crt to match your certificate name (make sure it is in c:\ or change the path to reflect the location and run the command and everything should start to work and be 100% happy.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Pawel_KowalskiAuthor Commented:
Worked great, thank you.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.