Solved

Replacing Exchange 2003 Front End OWA server

Posted on 2013-06-05
7
568 Views
Last Modified: 2013-07-15
We have a current Exchange 2003 Front End server that is really out of date and has limited processor speed and memory and is due for an upgrade.

Since I cannot really upgrade this old server anymore I opted to purchase another one to replace it.

I have installed Server 2003 and Exchange 2003, I've added it to my domain, ESM see's the current Servers right now, I have copied over all the IIS settings and have done all the updates needed.

The only thing I have left to do is to change it to the Static IP of the old server and move the SSL cert to the new server also tick the check box in ESM to tell it that its a Front End.

So far so good?

I want to leave the old server in place as a backup just in case something happens to the new one, also just in case once I swap it over if issues occur I can just swap it back.

So can the SSL cert be copied out of the old server and imported into the new server without it being deleted out of the old one?

Once I tick the box in ESM that the new server is the Front End do I have to untick the old server in ESM?

Anything else I'm missing?
0
Comment
Question by:Neogeo147
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 4

Expert Comment

by:MrC63
ID: 39223089
If it's a third party certificate (VeriSign, GoDaddy, Thawte, etc), it is keyed by the issuer, and is keyed against a specific machine.  You cannot simply copy the SSL from the old server to the new one.  You'll need to generate a new CSR code, and re-key the certificate with the issuer against the new server.  This will render the old server SSL certificate invalid.  However, it normally only takes a few minutes to re-key an SSL certificate, so if you ever did have to go back to the old server, you would simply repeat this process.

Is it safe to assume your mailboxes and information stores are on other back-end servers?
0
 
LVL 16

Expert Comment

by:Bruno PACI
ID: 39223538
Hi,

I know it's probably too late but if the problem was memory and processor limitation on the old physical server my simpliest solution (I mean the solution I would have tried or envisage at first) would have been to virtualize the current front-end server on Hyper-V (or VMware if you prefer).
After the P2V process you just have to add memory and vProc to your VM... The good thing is that it is the SAME server ! Nothing to change, nothing to move, nothing to migrate.

Yes of course, Microsoft does not support Exchange 2003 in a virtualized environment. But it works very very well anyway.
Also, you don't have to care about the MS support because Exchange 2003 support is ending in any case.


Also, virtualization resolve your "backup just in case" problem... You just have to save the VM files somewhere to be able to make it run on any other Hyper-V server...

Have a good day.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 334 total points
ID: 39223561
The first response above is incorrect.
SSL certificates are not keyed against specific machines. You can simply export the certificate AND the private key to a file, then import them.

However many of the major SSL providers (not GoDaddy, but Verisign and their associates) will tell you that you need another "licence" for the new server and want to charge you some more money.

Simon.
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 

Author Comment

by:Neogeo147
ID: 39223979
Thank you for the responses, actually the virtual sounds like a good plan, so how would I go about the full process?

The SSL cert is from Thawte so I can export and import it into the new server and it will still maintain the SSL cert on the old server.

Yes all mailboxes reside on the back end server.
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 334 total points
ID: 39224002
Exchange 2003 doesn't care about the host name, so just export the certificate, remember to tick the box to include the private key.
Then import it in to the new server. You might have a root or intemediate certificate to import as well.

Then switch the DNS and/or firewall to point to the new server.

Simon.
0
 

Author Comment

by:Neogeo147
ID: 39224243
would I even have to switch DNS and or Firewall even though its pointing to the same IP address, the name of the server is slightly different though.
0
 
LVL 4

Assisted Solution

by:MrC63
MrC63 earned 166 total points
ID: 39224253
If you switch the static IP address as you suggested in your original post, there should be no need to make any DNS changes.
0

Featured Post

Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question