• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 608
  • Last Modified:

SBS 2011 SSL Certificates & remote. names

When an SBS server is initially setup a 'remote.' record is setup i.e. remote.company1.co.uk for remote access. Normally an SSL certificate is then purchased to allow full access to the remote web workplace features.

In this scenario, the server has an expired / revoked SSL certificate for remote.company1.co.uk, but is also using email for company2.co.uk, which will shortly become the main identity of the company.

In the circumstances, can remote.company2.co.uk be setup for remote access ( once the relevant DNS record is created with the ISP ) and then a security certificate purchased to allow remote access from this new address, or does a new SSL certificate need to be purchased for remote.company1.co.uk?

Managing email is relatively straightforward, as company2.co.uk email addresses can be made the default for all users, but I am not sure whether the main remote access address can be switched over in SBS 2011 once this has been initially setup.
2 Solutions
Jakob DigranesSenior ConsultantCommented:
to make this easy for you, buy a UC certificate from DigiCert where you add both domain names in the certificate, to avoid downtime.
It depends if you have split-DNS or not, wether you can change to company2.co.uk
itcroydonAuthor Commented:
Ok, we could do this, although the price is quite expensive.

However in order for the server to use company2.co.uk as the remote access address, presumably the SBS 'Setup Your Internet Address' wizard needs to be run in the network, connectivity area of the Console. However will this then replace remote.company1.co.uk with remote.company2.co.uk, or will it allow both to be used independently?

If it replaces remote.company1.co.uk, this will require additional configuration for remote clients who are connecting to exchange via https:\\remote.company1.co.uk.
If you want to use remote.company2.co.uk for Remote Web Workplace you have to tear down everything you have and start again.

If you want to use BOTH domain names for RWW then you're SOL with the wizards and will have to set everything up manually.  In this situation you'd use a UCC SSL cert.

By far the easiest option is to just add company2.co.uk as additional email addresses and continue using remote.company1.co.uk for remote access.

I am not sure whether the main remote access address can be switched over in SBS 2011 once this has been initially setup.

There's no problem re-running the wizards to change this.  Do it as much as you like.

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now