Solved

How can I get a certificate for my .local domain.

Posted on 2015-02-24
2
136 Views
Last Modified: 2015-04-23
I have recently migrated my exchange 2003 server to exchange 2010. It is still running on a .local domain with external email going to a .org domain. I purchased an SSL certificate for the .org domain and external email works with no issues. I am still getting certificate mismatch errors for internal outlook clients. I understand I am not able to purchase an SSL certificate for a .local domain. Is there a way to disable SSL for internal email or turn this feature off. I really don't need it for internal email to Outlook clients. I would prefer not to have to rename the domain since that may create other issues.

Thanks in advance for your help.
0
Comment
Question by:P Hurdle
2 Comments
 
LVL 34

Assisted Solution

by:Seth Simmons
Seth Simmons earned 250 total points
ID: 40629159
you need to configure your internal URLs to be the .org domain and not .local; you won't be able to get .local certificates in a few months anymore anyway
also, setup split dns

Configure Exchange Services for the Autodiscover Service
https://technet.microsoft.com/en-us/library/bb201695%28v=exchg.141%29.aspx?f=255&MSPPError=-2147217396

Windows - Setting Up Split DNS
http://www.petenetlive.com/KB/Article/0000830.htm
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 250 total points
ID: 40629418
You cannot get certificates with .local on them that expire after November 2015, so unless someone is selling certificates that have a six month life, then you cannot get one.

SSL isn't really optional for Exchange, you cannot turn it on or off within Exchange. Therefore a split DNS system and modify all of the internal URLs to the external host name is the best option.
http://semb.ee/hostnames2010

Simon.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Find out what you should include to make the best professional email signature for your organization.
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
This video discusses moving either the default database or any database to a new volume.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question