AXISHK
asked on
Certificate issue in Exchange 2010
We have installed public SAN certificate in Exchange 2010 and everything works fine.
However, we encounter problem when users are connecting to the internal LAN, as the public server don't have the internal name for the Exchange servers. Actually, we have already generated a certificate with alterative name but it still doesn't work. Is it because the IIS service doesn't bind to the internal server ?
However, if we bind the IIS service to internal certificate, the external access would not work.
Any idea for the problem ?
Tks
EX01.png
However, we encounter problem when users are connecting to the internal LAN, as the public server don't have the internal name for the Exchange servers. Actually, we have already generated a certificate with alterative name but it still doesn't work. Is it because the IIS service doesn't bind to the internal server ?
However, if we bind the IIS service to internal certificate, the external access would not work.
Any idea for the problem ?
Tks
EX01.png
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
lls bind to public certificate
ASKER
Currently mail.abc.com is resolved with interal lp address
ASKER
For my problem is it affected by lls bind to public cert
When you have a certificate with every name you need because this is basic problem in lot of corporation people usually make one certificate with name mail .... and server needs one certificate with multiple names like in manual up.
Then second thing is after import a certificate you must use Exchange console to assign services to the certificate
you go to:
server configuration
select certificate you want
in right axing services to certificate
and chose all services you want tu have for certificate IIS, POP3, IMAP ..... it is simple wizard
after you can test it
Then second thing is after import a certificate you must use Exchange console to assign services to the certificate
you go to:
server configuration
select certificate you want
in right axing services to certificate
and chose all services you want tu have for certificate IIS, POP3, IMAP ..... it is simple wizard
after you can test it
ASKER
Great Tks.
ASKER
internal: ex01.abc.com ex02.abc.com exdag.abc.com mail.abc.com autodiscover.abc.com
external:mail.abc.com autodiscover
lls bind to