Reconfiguring Exchange server to fully qualified domain name
I have an Exchange server 2010 with OWA and Activesync services. My local domain is abcd.local and my email server is Webmail.xyz.org.
I must apply the new SSL certificate by this Friday (previous SSL will expire this weekend). I purchased a 3 year SSL certificate, but facing a dilemma because because of the PHASING OUT THE INTRANET AND IP ADDRESSES IN SSLs.
I did check out the following link:
https://www.godaddy.com/help/reconfiguring-microsoft-exchange-server-to-use-a-fully-qualified-domain-name-6281
but really really I do not know how to proceed. I do not want to change my local Domain name, because I have some other servers, like MS SQL server on this domain.
Please advise ASAP, and help me to start the process I must accomplish before I run out of time.
P.S. I only need the SSL certificate for my Exchange server, and nothing else.
Thanks
Jim
I must apply the new SSL certificate by this Friday (previous SSL will expire this weekend). I purchased a 3 year SSL certificate, but facing a dilemma because because of the PHASING OUT THE INTRANET AND IP ADDRESSES IN SSLs.
I did check out the following link:
https://www.godaddy.com/help/reconfiguring-microsoft-exchange-server-to-use-a-fully-qualified-domain-name-6281
but really really I do not know how to proceed. I do not want to change my local Domain name, because I have some other servers, like MS SQL server on this domain.
Please advise ASAP, and help me to start the process I must accomplish before I run out of time.
P.S. I only need the SSL certificate for my Exchange server, and nothing else.
Thanks
Jim
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
use this to take care of the cert renewal
Renew GoDaddy UCC SSL Certificate for Exchange 2010
http://www.bonusbits.com/wiki/HowTo:Renew_GoDaddy_UCC_SSL_Certificate_for_Exchange_2010
yes, need to change the url so that it matches the cert
Renew GoDaddy UCC SSL Certificate for Exchange 2010
http://www.bonusbits.com/wiki/HowTo:Renew_GoDaddy_UCC_SSL_Certificate_for_Exchange_2010
do I need to run the shell commands from the goDaddy article?
yes, need to change the url so that it matches the cert
ASKER
sorry to bother you again,
1- should I run the shell command with current SSL Certificate expiring this weekend?
2- Should I run the shell command before creating CSR?
3- I am assuming "Your_Server_Name" is exact name of the Exchange server computer.
1- should I run the shell command with current SSL Certificate expiring this weekend?
2- Should I run the shell command before creating CSR?
3- I am assuming "Your_Server_Name" is exact name of the Exchange server computer.
you can run the shell command at the same time when you install the certificate
yes, if your exchange server is mail.mydomain.com then use that for the URLs and certificate SANs
yes, if your exchange server is mail.mydomain.com then use that for the URLs and certificate SANs
ASKER
1- my understanding of the instruction is to use WEBMAIL.XYZ.ORG as FQDN not as Host name("your_Server_Name"). I was guessing to use the actual name of the computer, the EXCH-MAIL, the real name of the server.
2- I did not create new CSR to submit it to GoDaddy yet. Can I create it before running the shell commands?
2- I did not create new CSR to submit it to GoDaddy yet. Can I create it before running the shell commands?
sorry...yes, where it says your_server_name for those powershell commands, use the server name (mail or whatever it is) the fqdn is for the url portion of the command
and yes, you can create the csr any time
the new certificate and URL changes should be done at the same time else users will get a certificate error because the host names don't match the certificate
and yes, you can create the csr any time
the new certificate and URL changes should be done at the same time else users will get a certificate error because the host names don't match the certificate
ASKER
Good morning Seth,
I downloaded the new SSL certificate for the exchange. Should I run the Shell command before installing this certificate, or after?
Thanks,
Jim
I downloaded the new SSL certificate for the exchange. Should I run the Shell command before installing this certificate, or after?
Thanks,
Jim
doesn't matter the order
ASKER
Hi Seth,
I applied the new Certificate about 1 hour ago, to my Exchange server, but haven't run the shell command yet. I guess because my exchange server was set up as webmail.XYZ.org under the old SSL, the staff from inside and outside of the organization are using OWA, and Mobile email services without any difficulties.
The Certificate warning is coming up are on regular Outlook running on the computer on Local Area Network.
do I need to run
Set-ClientAccessServer ...
Set-WebServicesVirtualDire
Set-OABVirtualDirectory,,,
Do these commands fix the security question for internal users?
Thanks
I applied the new Certificate about 1 hour ago, to my Exchange server, but haven't run the shell command yet. I guess because my exchange server was set up as webmail.XYZ.org under the old SSL, the staff from inside and outside of the organization are using OWA, and Mobile email services without any difficulties.
The Certificate warning is coming up are on regular Outlook running on the computer on Local Area Network.
do I need to run
Set-ClientAccessServer ...
Set-WebServicesVirtualDire
Set-OABVirtualDirectory,,,
Do these commands fix the security question for internal users?
Thanks
what is the certificate warning for? mismatched host name?
ASKER
The users on the LAN was getting Security warning when tried Outlook 2010. But Actvivesync and OWA services were working properly.
Yesterday afternoon I ran the 3 Shell Commands, everything is working well now.
Thank you so much for your wonderful responses.
Jim
Yesterday afternoon I ran the 3 Shell Commands, everything is working well now.
Thank you so much for your wonderful responses.
Jim
ASKER
Seth helped me and answered each and every questions I posted, and I was able to move forward with minimum stress.
ASKER
The current SSL Certificate will expire this weekend, and I purchased new SSL Certificate from GoDaddy but have not installed it yet.
I need to CREATE A NEW CSR from my Exchange server and post it on GoDaddy .
With all said, do I need to run the shell commands from the goDaddy article?
xyz.org is our web site on an external web host provider. I should mention that I used the option 1 of the directions in the link you provided me.
Jim