SSL and Mail

Posted on 2014-08-11
Last Modified: 2014-08-11
Does my UCC SSL need to have my domain name alone? When it was setup it included the domain root. Right now I have

Do I need the, seems that it causes problems sometimes?

I am renewing for my website which I and Same domains.
Question by:Jennifer
    LVL 6

    Expert Comment

    by:Chad Franks
    You could create at wildcard certificate *  If you did that you could use it for anything related.  I have used these in the past without issues.

    Author Comment

    I could do that on the UCC but my UCC is my exchange certificate and I only want it to be my exchange certificate. I have a different certificate for my website. I then have a separate certificate for my VPN. So do I need to have on all?
    Wouldn't putting * on any of them cause a conflict between them?

    Or should I have them separate?,, and on the UCC, on the VPN, and then and on the SSL for the web?
    LVL 6

    Assisted Solution

    by:Chad Franks
    There would be no conflicts using the *, since anything registered before the would be covered.  I have used wildcard certs in this type configuration in the past.  If you want to keep it separate, then you could create one specifically for Exchange and then use the wildcard for the rest. There would be no conflict if you used 2 different certs and * on the same server.  Since they would be used for specific applications..
    LVL 63

    Accepted Solution

    The Microsoft wizard will usually put the root of the domain in to the certificate, and that is probably where it has come from.
    Personally I don't like to use wildcard certificates with Exchange, I have had quite a few problems with them.

    For Exchange, you only two host names - common name, which shouldn't match the server's real name

    No other names are required on the SSL certificate, although you can include them if you wish.
    Some SSL providers will add by default, but that isn't required.

    LVL 6

    Expert Comment

    by:Chad Franks
    You could also use SAN certificates,  Subject Alternative name, that way you can use multiple host names for the same cert.  

    Using a SAN certificate saves you the hassle and time involved in configuring multiple IP addresses on your Exchange server, binding each IP address to a different certificate.

    Featured Post

    Wish Marketing would stop bothering you?

    Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

    Join & Write a Comment

    Suggested Solutions

    Email statistics and Mailbox database quotas You might have an interest in attaining information such as mailbox details, mailbox statistics and mailbox database details from Exchange server. At that point, knowing how to retrieve this information …
    Set OWA language and time zone in Exchange for individuals, all users or per database.
    Familiarize people with the process of utilizing SQL Server views from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Access…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now