Certificate question regarding Exchange 2007 and 2013 Coexistence

I understand that for coexistance, I need the following host names:


Currently for our Exchange 2007, clients apps connect to a host name called outlook.mydomain.com.

Do I use this same name in place of mail.domain.com?  If so, what would the name for legacy.mydomain.com?

Or does the legacy.mydomain.com become replaced by outlook.mydomain.com and a new host name is chosen for mail.mydomain.com.  

Long term, I would like to keep outlook.mydomain.com since all my client apps currently point to it and I dont want to have to reconfigure them.

Also, do I apply this new certificate to both my 2013 server and replace the current cert on my 2007 with this one as well?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

When you say clients connect to outlook.mydomain.com, are you referring to clients like Outlook, Outlook web access, and activesync devices? If that is the case and none of them connect to mail.mydomain.com, then you do not need mail.mydomain.com in your certificate. You would need outlook.mydomain.com instead.

Please note that legacy.mydomain.com a URL typically configured to point to the old 2007 server after you would update outlook.mydomain.com to point to Exchange 2013. The way this works is that a user with a 2007 mailbox navigates to https://outlook.mydomain.com/owa (which points to 2013), inputs his/her credentials, and then 2013 would redirect that user to legacy.mydomain.com, which points to 2007, so that user can still use OWA.

You would want this cert on your old server so it has legacy.mydomain.com in its url list for the cert.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Simon Butler (Sembee)ConsultantCommented:
The usual practise is to take the existing name and point it to the new server.
Then allow Exchange to sort out what is redirected and what is sent over the proxy.

Thus on Exchange 2007 you would configure the legacy host name, legacy.example.com is the standard one used, but you can use anything you like. Then Exchange will redirect the users who need access to Exchange 2007 to that host name instead.

Exchange 2013 will proxy Outlook Anywhere and ActiveSync, so both of those don't need an external URL or the legacy host name configured.

While you could start using mail.example.com instead, you should still direct the existing host name to the new server so that everything is caught. Exchange will downgrade easily, it doesn't upgrade well, or even at all in some cases.


ohmErnieAuthor Commented:
If I want to start using mail.domain.com now instead of outlook.domain.com, what do I need to do for coexistence?  Create a new cert on 2007 for that will include...???


2013 Cert:

I assume any mobile device or app that connects to outlook.domain.com will need to reconfigured for mail.domain.com?

I am trying to make this upgrade as seamless as possible so the end user does not need to do anything so am hesitant to change the host name from outlook to mail.  Not sure why it was ever setup this way to begin with.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.