Solved

Exchange 2010 Godaddy SSL Cert

Posted on 2014-03-13
11
549 Views
Last Modified: 2014-03-13
I am getting ready to start an Exchange 2003 to Exchange 2010 migration.  We currently have a godaddy standard ssl cert installed on our Exchange 2003 server.  Our AD domain users a name with ".local".

I just want to ensure there are no issues with owa access, Outlook/exchange discovery, etc.

The current cert does not expire until mid 2015.  

Can I use this same standard certificate or do I need to renew for another one, etc?

Do you foresee any potential issues that would affect the migration or post migration?
0
Comment
Question by:cmp119
  • 5
  • 5
11 Comments
 
LVL 3

Expert Comment

by:Mutogi
Comment Utility
The .local within a year can not be used on UCC SSL which is needed for 2010.

youll need to reissue for 2010, atleast for OWA traffic on external email.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
You won't be able to use a .local SSL certificate with Exchange 2010 because that name won't resolve publicly, so you would need to buy a new SSL certificate and buy a SAN / UCC SSL certificate.

Make sure you ad mail.domain.com (or whatever you want to use instead of mail. and also autodiscover.domain.com)

Alan
0
 

Author Comment

by:cmp119
Comment Utility
Let's say my current godaddy SSL certificate is for mail.xyz.com, and when I renew the certificate how would it be ordered?  

I need specifics as to I want to ensure minimal problems ordering it and installing it on the exchange 2010 server.  I also do not want to cause any issues with Outlook clients communicating with this mail server.  OWA should also be able work with the new certificate as well.

Thanks.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Buy a SAN / UCC SSLS cert and add the names:

mail.xyz.com and
autodiscover.xyz.com

you won't be able to renew the existing SSL certificate because that is likely to be a Single Name SSL certificate because that was all that Exchange 2003 needed.

OWA will work happily with a cert with mail.xyz.com in it.
0
 

Author Comment

by:cmp119
Comment Utility
So let's say the AD domain is chap.local and the public mail domain is @xyz.com and the  mx record is mail.xyz.com.  With this information how would the SSL certificate be ordered?

Also, how would this affect Outlook clients needs to communicate with the local Exchange 2010 server, etc?
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Exactly as I have already said.  You can't order a domain with a .local name in it any more (unless the cert expires before Nov 2015), but you can tweak exchange to tell it to look at the xyz.com domain name instead of the .local domain name for .local internal domains.
0
 

Author Comment

by:cmp119
Comment Utility
Alen - I just saw your response.  I presume I do not need to worry about adding servername.xyz.local.

I am concerned local outlook clients may have issues with this certificate for some reason.  I just don't want to deal with outlook clients issues that could possibly be related to an installed SSL Cert.
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
Comment Utility
There won't be any problems - trust me.

I manage dozens of SBS / Exchange servers and all they have in their SSL certs nowadays are mail.domain.com and autodiscover.domain.com and they are all .local internal domain names!   Our own domain is also exactly the same and we have an Exchange 2010 server internally.
0
 

Author Closing Comment

by:cmp119
Comment Utility
Thank you for the clarification Alan!!!!
0
 

Author Comment

by:cmp119
Comment Utility
Let me ask, do you have any documents you can send me pertaining to installing Exchange 2010 on a Windows Server 2012 VM.  I am currently using a document by the name of "Rapid Transition guide from Exchange 2003 to Exchange 2010, but it pertains to Windows Server 2008 R2 specifically.  Not sure what sort of snags I may run into with Windows Server 2012 as a VM.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
This link looks like it should help you (I don't have any articles myself):

http://oxfordsbsguy.com/2013/03/24/how-to-install-exchange-2010-sp3-on-windows-server-2012/

Alan
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now