?
Solved

Exchange 2010 Godaddy SSL Cert

Posted on 2014-03-13
11
Medium Priority
?
566 Views
Last Modified: 2014-03-13
I am getting ready to start an Exchange 2003 to Exchange 2010 migration.  We currently have a godaddy standard ssl cert installed on our Exchange 2003 server.  Our AD domain users a name with ".local".

I just want to ensure there are no issues with owa access, Outlook/exchange discovery, etc.

The current cert does not expire until mid 2015.  

Can I use this same standard certificate or do I need to renew for another one, etc?

Do you foresee any potential issues that would affect the migration or post migration?
0
Comment
Question by:cmp119
  • 5
  • 5
11 Comments
 
LVL 3

Expert Comment

by:Mutogi
ID: 39927050
The .local within a year can not be used on UCC SSL which is needed for 2010.

youll need to reissue for 2010, atleast for OWA traffic on external email.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39927060
You won't be able to use a .local SSL certificate with Exchange 2010 because that name won't resolve publicly, so you would need to buy a new SSL certificate and buy a SAN / UCC SSL certificate.

Make sure you ad mail.domain.com (or whatever you want to use instead of mail. and also autodiscover.domain.com)

Alan
0
 

Author Comment

by:cmp119
ID: 39927076
Let's say my current godaddy SSL certificate is for mail.xyz.com, and when I renew the certificate how would it be ordered?  

I need specifics as to I want to ensure minimal problems ordering it and installing it on the exchange 2010 server.  I also do not want to cause any issues with Outlook clients communicating with this mail server.  OWA should also be able work with the new certificate as well.

Thanks.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39927089
Buy a SAN / UCC SSLS cert and add the names:

mail.xyz.com and
autodiscover.xyz.com

you won't be able to renew the existing SSL certificate because that is likely to be a Single Name SSL certificate because that was all that Exchange 2003 needed.

OWA will work happily with a cert with mail.xyz.com in it.
0
 

Author Comment

by:cmp119
ID: 39927105
So let's say the AD domain is chap.local and the public mail domain is @xyz.com and the  mx record is mail.xyz.com.  With this information how would the SSL certificate be ordered?

Also, how would this affect Outlook clients needs to communicate with the local Exchange 2010 server, etc?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39927111
Exactly as I have already said.  You can't order a domain with a .local name in it any more (unless the cert expires before Nov 2015), but you can tweak exchange to tell it to look at the xyz.com domain name instead of the .local domain name for .local internal domains.
0
 

Author Comment

by:cmp119
ID: 39927115
Alen - I just saw your response.  I presume I do not need to worry about adding servername.xyz.local.

I am concerned local outlook clients may have issues with this certificate for some reason.  I just don't want to deal with outlook clients issues that could possibly be related to an installed SSL Cert.
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 39927125
There won't be any problems - trust me.

I manage dozens of SBS / Exchange servers and all they have in their SSL certs nowadays are mail.domain.com and autodiscover.domain.com and they are all .local internal domain names!   Our own domain is also exactly the same and we have an Exchange 2010 server internally.
0
 

Author Closing Comment

by:cmp119
ID: 39927137
Thank you for the clarification Alan!!!!
0
 

Author Comment

by:cmp119
ID: 39927143
Let me ask, do you have any documents you can send me pertaining to installing Exchange 2010 on a Windows Server 2012 VM.  I am currently using a document by the name of "Rapid Transition guide from Exchange 2003 to Exchange 2010, but it pertains to Windows Server 2008 R2 specifically.  Not sure what sort of snags I may run into with Windows Server 2012 as a VM.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39927844
This link looks like it should help you (I don't have any articles myself):

http://oxfordsbsguy.com/2013/03/24/how-to-install-exchange-2010-sp3-on-windows-server-2012/

Alan
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
How to effectively resolve the number one email related issue received by helpdesks.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question