Assigning SSL certs across multiple servers
Posted on 2014-04-23
We’re venturing down the path of migrating to Office 365 from an on-premise Exchange 2010 DAG environment. We’re a small non-profit without much hardware and we’re not looking to maintain on-premise Exchange servers; once the accounts have been migrated, we’ll remove the Exchange servers. We’ll be doing a phased conversion; thus we’ll be using DirSync and ADFS with a hybrid installation. We presently have an internally signed cert which has served us well, but obviously this won’t work for Office 365. We use OWA for external email users.
Reading the installation docs, it appears that we’ll need a cert for ADFS. If I get a SAN cert, generated from the ADFS installation, can I share that between ADFS and Exchange, and if so, how? And how does this affect communication between the DAG servers? I suppose it would be a best practice to do this off-hours, but is there a way of “backing up” my existing cert to restore that if things go bad? Finally, since we are a non-profit, anyone know of good, cheap cert providers?