Self Signed Certificate for Default Web Site in IIS6
Posted on 2012-08-28
The certificate for my SBS2003 server expired not too long ago so I decided to create a new self signed certificate to replace it and also to utilize Outlook Anywhere (RPCoverHTTP) for my clients. Everything seemed to fine, including Outlook Anywhere, after creating the certificate and replacing it in Default Web Site in IIS6. And just for more details I used the FQDN, example.domain.com.
Now this is where I noticed an issue. Under the Default Web Site in IIS6 I have the virtual directories for Exchange (Outlook Web Access) and Remote (for Remote Web Workplace) and also Exadmin and Exchange-oma (for mobile access). What happens now is that when I open Exchange System Manager and try to browse my 'Public Folders' I receive the error:
The SSL certificate server name is incorrect.
ID no: c103b404 Exchange System Manager.
I thought that this could be an easy fix by removing the 'Require secure channel (SSL) option from within the Exadmin virtual directory under Default Web Site, but even after doing that and restarting IIS I still get the same error when browsing my public folders within Exchange System Manager. The only thing I have found to fix this is to create a new self signed certificate with the FQDN including the SBS hostname: server.example.domain.com, instead of just example.domain.com. But if I replace the certificate for the Default Web Site with this new certificate with the hostname my Outlook Web Access and Remote Web Workplace website will no longer function.
So my question is how do I get the Default Web Site self signed certificate to work with all virtual directories that are under the Default Web Site in IIS6? Am I using the wrong FQDN in my certificate when I create it? Or is there something else I am simply overlooking. Any help with this is appreciated as always.