Solved

Certificate for OA

Posted on 2013-01-21
6
222 Views
Last Modified: 2013-01-29
Hi Guys,

I am about to purchase certificates for outlook anywhere but i am a bit confused.

Basically, we got 2 exchange 2010 servers located in different sites and both are in the same domain.

Now my question is, will a wild-card certificate work for my 2 exchange servers or do i need to purchase a certificate per server?
0
Comment
Question by:R2_D2
  • 2
  • 2
  • 2
6 Comments
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 38801571
Hello,

A wildcard certificate will work fine, unless you have older Windows mobile devices or you have OCS2007 and need integration. If you have Windows XP clients that aren't at the latest service pack level, you also need to make some changes to the certprincipalname so that is uses msstd:*.yourdomain.com

If you choose to purchase a SAN certificate, you need at least mail.domain.com and autodiscover.domain.com, provided only one of your sites is internet facing. If both sites are internet facing, you will need a third name on the cert for the second site.

JJ
0
 
LVL 49

Expert Comment

by:Akhater
ID: 38804110
I wouldn't recommend using a wild card, although technically it works  it is sensibly harder to configure specially if you are not experienced

I would buy a SAN certificate and include all the needed URI in it
0
 

Author Comment

by:R2_D2
ID: 38805627
will it work if i install 2 certificates, one on each server ?

because  is cheaper rather than buying a  SAN or Wild-Card Cert.
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 49

Expert Comment

by:Akhater
ID: 38805638
no it won't you do need a SAN certificate (or a wild card)

san certificates are less than $100 a year
0
 
LVL 37

Accepted Solution

by:
Jamie McKillop earned 500 total points
ID: 38805650
Yes, it is possible to use a single name certificate. You will need to have an SRV record created in your DNS zone for the autodiscover service.

Here is a script that will help you set it up - http://virtualbarrymartin.me/2009/12/29/how-to-setup-exchange-2010-to-use-a-single-certificate-for-internal-and-external-use/

JJ
0
 

Author Closing Comment

by:R2_D2
ID: 38830209
Yes that worked
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now