Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Certificate for OA

Posted on 2013-01-21
6
Medium Priority
?
231 Views
Last Modified: 2013-01-29
Hi Guys,

I am about to purchase certificates for outlook anywhere but i am a bit confused.

Basically, we got 2 exchange 2010 servers located in different sites and both are in the same domain.

Now my question is, will a wild-card certificate work for my 2 exchange servers or do i need to purchase a certificate per server?
0
Comment
Question by:R2_D2
  • 2
  • 2
  • 2
6 Comments
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 38801571
Hello,

A wildcard certificate will work fine, unless you have older Windows mobile devices or you have OCS2007 and need integration. If you have Windows XP clients that aren't at the latest service pack level, you also need to make some changes to the certprincipalname so that is uses msstd:*.yourdomain.com

If you choose to purchase a SAN certificate, you need at least mail.domain.com and autodiscover.domain.com, provided only one of your sites is internet facing. If both sites are internet facing, you will need a third name on the cert for the second site.

JJ
0
 
LVL 49

Expert Comment

by:Akhater
ID: 38804110
I wouldn't recommend using a wild card, although technically it works  it is sensibly harder to configure specially if you are not experienced

I would buy a SAN certificate and include all the needed URI in it
0
 

Author Comment

by:R2_D2
ID: 38805627
will it work if i install 2 certificates, one on each server ?

because  is cheaper rather than buying a  SAN or Wild-Card Cert.
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 
LVL 49

Expert Comment

by:Akhater
ID: 38805638
no it won't you do need a SAN certificate (or a wild card)

san certificates are less than $100 a year
0
 
LVL 37

Accepted Solution

by:
Jamie McKillop earned 2000 total points
ID: 38805650
Yes, it is possible to use a single name certificate. You will need to have an SRV record created in your DNS zone for the autodiscover service.

Here is a script that will help you set it up - http://virtualbarrymartin.me/2009/12/29/how-to-setup-exchange-2010-to-use-a-single-certificate-for-internal-and-external-use/

JJ
0
 

Author Closing Comment

by:R2_D2
ID: 38830209
Yes that worked
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question