• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 996
  • Last Modified:

Exchange 2007 Legacy

Hello,

I have configured a new Exchange 2013 server and it has gone quite well. I am though a little confused on the legacy setup and the certificate process for coexistence.

I have one 2007 Exchange and one 2013

I have created a DNS A record internally and externally for legacy.domain.com. This points to the 2007 Exchange server.

When I browse https://legacy.domain.com I am welcomed by a certificate error screen. Upon pressing continue it forwards to me https://mail.domain.com (which is the OWA front end for my 2007 exchange) which has no cert errors and has the third party cert  (GoDaddy)

I guess my questions are...

1) Do I have to now create a new certificate with godaddy for legacy.domain.com and bind it to the 2007 exchange server?

2) How do I enable the 2007 OWA so it uses legacy.domain.com URL as its OWA address

3) Once the legacy url and cert is working on the 2007 exchange I will then point mail.domain.com to the 2013 exchange. I will also have to re-issue the original cert as mail.domain.com is hosted on a new server?
0
lebz29
Asked:
lebz29
  • 3
  • 2
1 Solution
 
vSolutionsITCommented:
answeres to your questions below

1) yes, you will have to create a new third party certificate with legacy.domain.com added to it's subjecdt alternative properties. once this certificate is avaialble you will have to install it on your legacy server as well.

2) you will have to use powershell cmdlet to redirect legacy to exchange 2007 server.

3)correct. once the new certificate is installed and powershell command is executed you will have to point your firewall to route mailflow/owa/acitvesync traffic to exchange 2013 server. you relly dont need to assign a new certificate as it should contain all the enteries when you created the certificate.

For better understanding read below article. even through it is for exchange 2003 - exchange 2010 the same concept applies to exchange 2013 as well.
http://exchangeserverpro.com/exchange-2003-2010-coexistence/
0
 
lebz29Author Commented:
Thank you. For step #3 How do I then import my third party cert into the 2013 server?
0
 
lebz29Author Commented:
Thank you. I meant to post I was ok earlier

So here is the issue I am now having with the certs.

1) Imported the legacy cert into 2007 and changed the URL path for OWA accordingly and changed the binding for IIS

2) Imported the original exchange cert just fine into 2013. I changed my firewall settings to the new 2013 server. OWA 2013 pops up just fine externally (awesome). I go to login with my user credentials and the page doesn't re-direct to the legacy OWA. Instead I get a  "Page cannot be displayed" error. If I browse the 2013s OWA instance locally on the 2013 server it re-directs me to the 2007 instance where I have to login again.

2) The moment I change the SSL cert on my 2007 server to add the legacy.domain.com I receive a constant popup in outlook indicating cert name does not match the server name.
0
 
vSolutionsITCommented:
you will have to modify exchange web services url's on the exchange 2007 server as per the domain name in the new certificate.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now