Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1131
  • Last Modified:

Standard UCC SSL for Exchange 2010 SAN

Hi There,

I have one Standard UCC SSL with GoDaddy with only 5 subdomains included in the package.
I am setting up Outlook anywhere and I will need to add webmail.domain.com to the certificate.

Current SANs are:


Can I replace mxrecord.domain.com with webmail.domain.com ?

Rodrigo Carrilho
Rodrigo Carrilho
  • 2
1 Solution
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
i guess its best to consult the same with GoDaddy as you might need to create a new cert from the server with the records and get them with a cert.

- Rancy
Rodrigo CarrilhoAuthor Commented:
thanks Rancy.
Sorry if I  wasn't clear enough.

I know I can drop/add SANs with GoDaddy but I was wondering from the Exchange point of view if I will achieve my goal.

Is it really necessary to include external DNS (MX record) on a SSL certificate?

In answer to your question, yes. I personally would have configured your certificate as follows:

webmail.domain.com - Certificate name
autodiscover.domain.com - SAN
servername.domain.local - SAN
servername - SAN

Make sure your MX record points to webmail.domain.com or any other friendly name. This name doesn't need to be on your SSL certificate.

The following are not required, based on a typical scenario
autodiscover.domain.local - Not required
domain.com - Not required

When you add the new certificate back into your Exchange server, Exchange won't see it, as you need to generate the private key again. You will need to perform the following: http://support.microsoft.com/kb/889651
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Yes you can .... a good writeup from netflo should help your cause.
Also please remember to have only the new Cert :)

- Rancy

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now