We have an Exchange 2010 setup where some customers run their emails off our Exchange servers.
One customer has been approached by a bank to set up Mutual TLS in their communications.
I get the gist of the TLS setup, but the process in our environment has me a little stumped, so I'm hoping for some direction please.
2 Edge servers (edge1 & edge2)
2 CAS servers (certificates located here - cas1 & cas2)
2 Mailbox servers (mb1 & mb2)
On each CAS server there is a self-signed certificate which has IMAP\POP\SMTP services enabled.
There is a single GoDaddy Secure CA certificate installed on the CAS servers which handles the IIS service for our clients to use webmail and ActiveSync, e.g. owa.host.com
Because we have other customers running on the same servers it's hard to test and makes me apprehensive, but my thoughts are to:
1. enable the GoDaddy cert for SMTP on both CAS servers
2. create send and receive connector for bank.com domain and enable TLS option
3. exchange certs with bank IT and we add these into Trusted sections on our Edge servers
If anyone could correct me I'd appreciate it :)
I've read the MS TechNet article but it confuses me, and I'm unsure if we can use the 3rd-party cert we currently have in place or if we have to use something with the customer's domain name in it?
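For reference, the Exchange 2010 Domain Security (mutual TLS) settings that the three-step plan above touches, as an added Exchange Management Shell example that is not part of the original post or any answer. The partner domain bank.com is taken from the post; the certificate thumbprint, advertised FQDN, connector names and the CA file path are placeholders, and it assumes the Edge servers are subscribed via EdgeSync so connector and transport settings are made on an internal server and replicated outward.

```powershell
# Added example, not from the original post. Placeholders are marked <...>.
$partnerDomain  = "bank.com"
$certThumbprint = "<THUMBPRINT-FROM-GET-EXCHANGECERTIFICATE>"   # placeholder
$smtpFqdn       = "<mail.host.com>"                            # placeholder; must be a name on the cert

# 1. Check which certificate currently serves SMTP and what names it covers.
#    Mutual TLS is negotiated by the server that talks to the Internet, so this
#    has to be repeated on each Edge server, not only on the CAS servers.
Get-ExchangeCertificate |
    Format-List Thumbprint, Subject, CertificateDomains, Services, NotAfter, IsSelfSigned

# Add the SMTP service to the CA-issued certificate (keeps IIS etc. as they are).
Enable-ExchangeCertificate -Thumbprint $certThumbprint -Services SMTP

# 2. Register the partner domain for Domain Security in both directions.
#    @{Add=...} appends to the multivalued list instead of replacing it.
Set-TransportConfig -TLSSendDomainSecureList    @{Add = $partnerDomain} `
                    -TLSReceiveDomainSecureList @{Add = $partnerDomain}

# Send connector scoped to the partner domain only; DomainSecureEnabled makes
# TLS mandatory and IgnoreSTARTTLS $false prevents silent fallback to cleartext.
New-SendConnector -Name "Partner - $partnerDomain" -Usage Partner `
    -AddressSpaces $partnerDomain -DNSRoutingEnabled $true `
    -DomainSecureEnabled $true -IgnoreSTARTTLS $false -Fqdn $smtpFqdn `
    -SourceTransportServers "<edge1>", "<edge2>"                 # placeholders

# On each Edge server: the Internet-facing receive connector must offer TLS
# and have Domain Security enabled (placeholder connector name).
Set-ReceiveConnector -Identity "<Default internal receive connector EDGE1>" `
    -DomainSecureEnabled $true -AuthMechanism Tls -Fqdn $smtpFqdn

# 3. Trust the bank's issuing CA on each Edge server. Domain Security validates
#    the partner certificate against the Windows trusted root store and its CRL,
#    so the CA certificate (not the bank's server cert) goes into the Root store.
certutil -addstore -f Root "<C:\certs\bank-ca.cer>"

# Verify: the domain should appear in both lists and the connectors should
# show DomainSecureEnabled = True before any test mail is sent.
Get-TransportConfig | Format-List TLSSendDomainSecureList, TLSReceiveDomainSecureList
Get-SendConnector    | Format-List Name, AddressSpaces, DomainSecureEnabled, IgnoreSTARTTLS, Fqdn
Get-ReceiveConnector | Format-List Name, Bindings, AuthMechanism, DomainSecureEnabled, Fqdn
```

Because the partner validates the name the connector advertises in `-Fqdn` against the certificate, the existing GoDaddy certificate only works if that FQDN is one of its CertificateDomains; otherwise a certificate covering the Edge servers' public name is needed.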