Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Certificates needed for Exchange 2007 to 2010

Posted on 2013-11-25
10
Medium Priority
?
304 Views
Last Modified: 2013-11-25
Good Morning Experts,

We have a Exchange 2007 Enviorment.  I have my new Exchange server 2010 server up along side of 2007.  Some of the users are getting SSL security warnings that are from the new Exchange server.  

My installing the needed certs was planned but here is what I don't understand.

Our full migration is happening over Christmas and then we will demote the 2007 Exhange.
We already have purchased the appropriate certifications for our 2007 server so do I need to purchase double if they are going to co-exist?  We already have a cert designated for our mail.domain.org so I am confused if I need to purchase additional certs for this limited time, or the alerts will just happen until I complete the migration process.  I am hopeful I can just transfer them over.

Thank you for your help.

Karen
0
Comment
Question by:klsphotos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 10

Assisted Solution

by:Sean
Sean earned 1336 total points
ID: 39674737
you do not need an additional cert if you are using the same name for what is registered on the cert. The cert does not cover servers it covers address spaces so you can use that cert on as many servers as you wish. I would also make sure your autodiscover address is included in the cert or uses the same name as what is on your cert as this is probably what is alerting.
0
 
LVL 22

Assisted Solution

by:Nick Rhode
Nick Rhode earned 332 total points
ID: 39674776
What is happening is your Exchange 2007 has the installed cert but the co-existant exchange 2010 still has the default self-signed certificate.  You can install the cert on the 2010 but make sure the name spaces match.  Typically a UCC is used for exchange with the following urls.

Example

mail.domain.com
autodiscover.domain.com
domain.com
domain
0
 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 332 total points
ID: 39674779
Ditto to NRhode, but may also need legacy.domain.com if you are doing OWA redirection and keeping the same name spaces.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:klsphotos
ID: 39674780
Will these "alerts" hurt anything to be coming up from the new server to our users until we move everything over?  Won't they just be annoying is the only hinderance?

I will check our cert, I believe it is a SAN cert.
0
 
LVL 10

Assisted Solution

by:Sean
Sean earned 1336 total points
ID: 39674781
The alerts do not hurt anything, just a warning and can be annoying is all.

I wanted to be clear that it sounds like you just need to copy your current cert to the new server, install it, and assign all services to it. this is a cert you purchased not self signed correct?
0
 

Author Comment

by:klsphotos
ID: 39674793
Yes, we purchased it but what i am fuzzy about is, since it's registered to the name space that we currently have live, I can't set it up on the new exchange since we haven't migrated over right?  Can't have it in two different servers and the new one isn't set up nor mailbox moved until December?

Hope that made sense.  They will co-exist, well they are now,  for a few days until I get all the moves done the day after Christmas.

Karen
0
 
LVL 10

Assisted Solution

by:Sean
Sean earned 1336 total points
ID: 39674806
In order to migrate you will need to point everything to the new setup (2010) and have mail route from 2010 to 2007 if that user is still on 2007. So basically your CAS servers will be 2010 and your mail servers will be 2007. You can do this move gradually if you have the routing setup correctly.
0
 

Author Comment

by:klsphotos
ID: 39674839
Right I plan on routing everything right after Christmas then proceeding with the moves of the mailboxes, but wanted the new Exchange server up now to test performance (it's a virtual) and set up everything I possibly can prior to the change over.  It sounds like that is when I should install the certs and the alerts are not hurting anything in the mean time.  I didn't think we would have to purchase another one.
0
 
LVL 10

Accepted Solution

by:
Sean earned 1336 total points
ID: 39674849
You can install the certs at any time. This will not hurt anything at all and could get rid of the alerts. The only thing that will affect routing is your send/receive connectors and your router.

you may want to run jetstress if your testing performance if this isn't want your using already :)

http://technet.microsoft.com/en-us/library/ff706601%28v=exchg.141%29.aspx
0
 

Author Closing Comment

by:klsphotos
ID: 39674942
Thank you so much everyone!
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
Know the reasons and solutions to move/import EDB to New Exchange Server. Also, find out how to recover an Exchange .edb file and to restore the file back.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question