Exchange 2007 certificate

Hi. I have a client with a 2007 exchange server.  They are getting ready to move to my hosted exchange environment in the next few weeks.

They currently have a third party SSL certificate that expires in a few days.  Because they are migrating about a week after that I was thinking of letting the cert expire but I wondered how it will affect the environment.  

Will mail still function on active says devices and or exchange over https?   It just seems like a significant amount of work and the cost of the cert if we are moving their mail.

Thoughts ?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Will SzymkowskiSenior Solution ArchitectCommented:
If you have an expired Exchange certificate it will not stop mail flow and you will still be able to access OWA externally (you will get prompted that the cert is expired). However you will have issues with ActiveSync and mail getting to the phones properly.

What I would suggest is that you renew the cert adding additional SAN DNS names so that you can export the cert and use it in your environment if you require one.

Certs are not that much money and if your have minimal SAN DNS names it is very cheap.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
hmcnastyAuthor Commented:
Thanks for the response.  I was wondering because I have had ActiveSync devices working in environments with no certs before.
Will SzymkowskiSenior Solution ArchitectCommented:
You may be able to get this to work but specifically with ActiveSync you can experience a lot of issues if your certificate is expired. Personally I would not have it setup this way and if you do in fact renew the certificate then this transition will be seamless on the user end and this will not get any warning popups or intermittent issues due to an expired cert.

hmcnastyAuthor Commented:
Thanks Will.  Looks like I will renew the cert then.  Can you please look for any new questions of mine this weekend?  I will be doing this on Friday into Saturday.  I've done certs on 2003 and 2010 but never on 2007.

Thanks again

Will SzymkowskiSenior Solution ArchitectCommented:
Not a problem, glad to help.

Just pm me when you have a question and provide me the link.

To make it easier to find me you can just follow me as well if you like.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.