Exchange 2010 -DAG, CAS - SSL SAN Cert, update internal names to external
Posted on 2015-01-29
A little background about my environment: Exchange 2010, 2 CAS servers using Windows NLB, and 2 Database DAG servers. Both running 2008 R2.
I am in the middle of renewing my SSL SAN cert for my Exchange 2010 environment and I know that your are no longer allowed to use Internal names on the cert. I know that I need to change my: Autodiscover, OAB, Web Services, ActiveSync, OWA, and ECP to reflect the external domain name which is not a problem. My worry comes when updating the CAS array name from casarray.internal.local to mail.external.domain.
I see that I can basically change the internal name on the NLB by updating the Full Internet Name value under properties of the load balancer. I can also update the RPC value of the mailbox databases to use the external domain via PS. What I need is some clarification on are the Outlook profiles. From what I am reading, Exchange 2010 SP2 RU 3 and higher will automatically force the Outlook client to update to the new value. Is that correct? I am running SP3 Rollup 8a so I should be in the clear. I would hate to have my users redo all their Outlook profiles...
Thanks in advance,