Solved

Exchange 2007 Legacy

Posted on 2013-06-01
5
962 Views
Last Modified: 2013-06-01
Hello,

I have configured a new Exchange 2013 server and it has gone quite well. I am though a little confused on the legacy setup and the certificate process for coexistence.

I have one 2007 Exchange and one 2013

I have created a DNS A record internally and externally for legacy.domain.com. This points to the 2007 Exchange server.

When I browse https://legacy.domain.com I am welcomed by a certificate error screen. Upon pressing continue it forwards to me https://mail.domain.com (which is the OWA front end for my 2007 exchange) which has no cert errors and has the third party cert  (GoDaddy)

I guess my questions are...

1) Do I have to now create a new certificate with godaddy for legacy.domain.com and bind it to the 2007 exchange server?

2) How do I enable the 2007 OWA so it uses legacy.domain.com URL as its OWA address

3) Once the legacy url and cert is working on the 2007 exchange I will then point mail.domain.com to the 2013 exchange. I will also have to re-issue the original cert as mail.domain.com is hosted on a new server?
0
Comment
Question by:lebz29
  • 3
  • 2
5 Comments
 
LVL 8

Accepted Solution

by:
vSolutionsIT earned 500 total points
ID: 39213492
answeres to your questions below

1) yes, you will have to create a new third party certificate with legacy.domain.com added to it's subjecdt alternative properties. once this certificate is avaialble you will have to install it on your legacy server as well.

2) you will have to use powershell cmdlet to redirect legacy to exchange 2007 server.

3)correct. once the new certificate is installed and powershell command is executed you will have to point your firewall to route mailflow/owa/acitvesync traffic to exchange 2013 server. you relly dont need to assign a new certificate as it should contain all the enteries when you created the certificate.

For better understanding read below article. even through it is for exchange 2003 - exchange 2010 the same concept applies to exchange 2013 as well.
http://exchangeserverpro.com/exchange-2003-2010-coexistence/
0
 

Author Comment

by:lebz29
ID: 39213511
Thank you. For step #3 How do I then import my third party cert into the 2013 server?
0
 
LVL 8

Expert Comment

by:vSolutionsIT
ID: 39213581
0
 

Author Comment

by:lebz29
ID: 39213603
Thank you. I meant to post I was ok earlier

So here is the issue I am now having with the certs.

1) Imported the legacy cert into 2007 and changed the URL path for OWA accordingly and changed the binding for IIS

2) Imported the original exchange cert just fine into 2013. I changed my firewall settings to the new 2013 server. OWA 2013 pops up just fine externally (awesome). I go to login with my user credentials and the page doesn't re-direct to the legacy OWA. Instead I get a  "Page cannot be displayed" error. If I browse the 2013s OWA instance locally on the 2013 server it re-directs me to the 2007 instance where I have to login again.

2) The moment I change the SSL cert on my 2007 server to add the legacy.domain.com I receive a constant popup in outlook indicating cert name does not match the server name.
0
 
LVL 8

Expert Comment

by:vSolutionsIT
ID: 39213657
you will have to modify exchange web services url's on the exchange 2007 server as per the domain name in the new certificate.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now