I have Exch 2003 which was set up on the perimeter with its own public IP. It is the PDC/DNS server as well. We currently use a self signed cert for the Exchange 2003 (same server is the CA) I need to create a game plan for implementing a SAN/UCC cert with the needed DNS names:
I'm not sure on the last one.
I'm being asked to create a self signed SAN from the PDC/CA for use with both servers. As I understand it I can generate a SAN request from Exch 2010, fulfill the request from the 2003 server CA. Import it back to Exch 2010, export it and import it into Exch 2003.
Please correct the above logic if I'm wrong.
Assuming the plan is sound, will I have problems with the certs when the PDC is retired along with the Certificate Authority installed on it? or will the certs work fine until they expire? I'm learning ssl better but don't know the impact of retiring this PDC.
I will do everything in my power to have my manager just spring for the public CA cert in the mean time.