?
Solved

Exchange 2010 Godaddy SSL Cert

Posted on 2014-03-13
11
Medium Priority
?
560 Views
Last Modified: 2014-03-13
I am getting ready to start an Exchange 2003 to Exchange 2010 migration.  We currently have a godaddy standard ssl cert installed on our Exchange 2003 server.  Our AD domain users a name with ".local".

I just want to ensure there are no issues with owa access, Outlook/exchange discovery, etc.

The current cert does not expire until mid 2015.  

Can I use this same standard certificate or do I need to renew for another one, etc?

Do you foresee any potential issues that would affect the migration or post migration?
0
Comment
Question by:cmp119
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 3

Expert Comment

by:Mutogi
ID: 39927050
The .local within a year can not be used on UCC SSL which is needed for 2010.

youll need to reissue for 2010, atleast for OWA traffic on external email.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39927060
You won't be able to use a .local SSL certificate with Exchange 2010 because that name won't resolve publicly, so you would need to buy a new SSL certificate and buy a SAN / UCC SSL certificate.

Make sure you ad mail.domain.com (or whatever you want to use instead of mail. and also autodiscover.domain.com)

Alan
0
 

Author Comment

by:cmp119
ID: 39927076
Let's say my current godaddy SSL certificate is for mail.xyz.com, and when I renew the certificate how would it be ordered?  

I need specifics as to I want to ensure minimal problems ordering it and installing it on the exchange 2010 server.  I also do not want to cause any issues with Outlook clients communicating with this mail server.  OWA should also be able work with the new certificate as well.

Thanks.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39927089
Buy a SAN / UCC SSLS cert and add the names:

mail.xyz.com and
autodiscover.xyz.com

you won't be able to renew the existing SSL certificate because that is likely to be a Single Name SSL certificate because that was all that Exchange 2003 needed.

OWA will work happily with a cert with mail.xyz.com in it.
0
 

Author Comment

by:cmp119
ID: 39927105
So let's say the AD domain is chap.local and the public mail domain is @xyz.com and the  mx record is mail.xyz.com.  With this information how would the SSL certificate be ordered?

Also, how would this affect Outlook clients needs to communicate with the local Exchange 2010 server, etc?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39927111
Exactly as I have already said.  You can't order a domain with a .local name in it any more (unless the cert expires before Nov 2015), but you can tweak exchange to tell it to look at the xyz.com domain name instead of the .local domain name for .local internal domains.
0
 

Author Comment

by:cmp119
ID: 39927115
Alen - I just saw your response.  I presume I do not need to worry about adding servername.xyz.local.

I am concerned local outlook clients may have issues with this certificate for some reason.  I just don't want to deal with outlook clients issues that could possibly be related to an installed SSL Cert.
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 39927125
There won't be any problems - trust me.

I manage dozens of SBS / Exchange servers and all they have in their SSL certs nowadays are mail.domain.com and autodiscover.domain.com and they are all .local internal domain names!   Our own domain is also exactly the same and we have an Exchange 2010 server internally.
0
 

Author Closing Comment

by:cmp119
ID: 39927137
Thank you for the clarification Alan!!!!
0
 

Author Comment

by:cmp119
ID: 39927143
Let me ask, do you have any documents you can send me pertaining to installing Exchange 2010 on a Windows Server 2012 VM.  I am currently using a document by the name of "Rapid Transition guide from Exchange 2003 to Exchange 2010, but it pertains to Windows Server 2008 R2 specifically.  Not sure what sort of snags I may run into with Windows Server 2012 as a VM.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39927844
This link looks like it should help you (I don't have any articles myself):

http://oxfordsbsguy.com/2013/03/24/how-to-install-exchange-2010-sp3-on-windows-server-2012/

Alan
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question