Certificate for exchange 2010 server question

We currenlty have a certificate that is getting ready to expire. Our domain name is in this format:
So since the .local is not allowed any longer in the certificate, I found a link on how to change the exchange autodiscover, etc items that need to be changed to the internal urls to be the same as the external urls.
Our cert now has the 2 exch server names in it like this:
Do I even need to have these as part of my certificate since I have to remove them because of the .local
Who is Participating?
Seth SimmonsSr. Systems AdministratorCommented:
get a new cert specifying only the external fqdn you are using (server.domain.com or whatever the public suffix is)

also need to configure split dns so that internal users can access the external server name(s)

Windows - Setting Up Split DNS
vmichAuthor Commented:
We have the split dns setup because I can ping the external url from inside and it responds to the exchange server and also if I ping the external url from the outsdie, it responds to th external ip of the exchange server.
But as i mentioned the domain name is domain
So that is a .local which the cert has the 2 exchn servers in it which are server1.domain and server2.domain
So do I need these in the exchange cert?
Simon Butler (Sembee)ConsultantCommented:
You cannot put a raw domain (ie one without a suffix) on the SSL certificate. That simply isn't allowed.

In simple terms, all names on the SSL certificate MUST resolve on the internet. host.domain would not resolve, so wouldn't be allowed.

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

vmichAuthor Commented:
My question is will it be an issue if I leave off the 2 servers names.domain since there domain name now is still a .local domain name since the certificate companies dont allow the .local names on the certs?
Meaning will it affect exchange at all?
Simon Butler (Sembee)ConsultantCommented:
Exchange doesn't care.
As long as you change all of the host names within Exchange to use your public host name, then you will be fine.

vmichAuthor Commented:
Yes I will be changing all of the internal urls to match the external urls and all of the virtual directories...
vmichAuthor Commented:
new cert
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.