Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 985
  • Last Modified:

SBS2011 Exchange 2010 WP7.5: Which certificate do I need?

I am in the phase of replacing a SBS2008 / Exchange 2007 environment with Windows Phone 7.5 connections.
Incomming connections other than smtp and https for the WP7.5 are all using VPNs terminated at the corporate router.
I installed a GoDaddy UCC certificate directly in the IIS  in the SBS2008.
The windows phone work perfectly including the autodiscover function.

I set up now a new SBS 2011 from scratch with the same internal/external domain names and not using the migration szenario but rebuilding the domain and transferring the data manually. Only smtp and https is needed for mail and WP7 pushmail.

How would you suggest to proceed with the existing UCC certificate? Should I try to reinstall it on the new server?
Or would a new standard certificate of GoDaddy using the SBS wizard in SBS2011 be sufficient to make the Windows phones 7.5 autodiscover and pushmail working?

Thanks for your thoughts!
  • 3
  • 2
1 Solution
Rob WilliamsCommented:
You don't need a UCC cert for SBS, it is bloged in the following link as to how to obtain and install a single name cert and configure autodicovery with SRV records.

Using your existing UCC cert would require rekeying by the certificate provider.
Simon Butler (Sembee)ConsultantCommented:
Ideally you need a UCC certificate.
The common name would be remote.example.com
The additional name would be autodiscover.example.com

Do the certificate request and install through Exchange 2010, but don't add any services. Then use the SBS wizard to enable the existing certificate. Job done.

If you use remote.example.com as your MX record as well, then you get SMTP over SSL (aka TLS).

If you have a certificate that is already able to take multiple names with time left on it, then do a REKEY through the GoDaddy system, using a new request from the SBS 2011 server, then follow what I have written above to actually activate it.

Andreas200Author Commented:
Thanks Rob!

what would you suggest as easier: rekeying or buying a single name cert?
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Rob WilliamsCommented:
At $12.99 and with simple install a new certificate is probably easier and you can leave the existing cert in place until the new server is on-line.
Andreas200Author Commented:
Thank again,

which provider sells it for 12.99?
Rob WilliamsCommented:
On the link I provided there is an add for Godaddy (my web site)  click on that and you will get the $12.99 price if you select single name and 1 year.  I put it there as the link keeps changing.  I'm not trying to persuade you so I get a 10ยข commission as I cannot even collect since I am not a US resident, but it's a good deal.  Has to be a new account, i.e. a new user name or e-mail address to create the account, but can be an existing domain.

Featured Post

Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now