Link to home
Start Free TrialLog in
Avatar of Troy Hector
Troy HectorFlag for United States of America

asked on

Domain Rename or other options?

Today, I just took on a new client running SBS2011. The prior IT firm setup their domain as xxx.local. As of 11/01/2015, their UCC SSL certificate will no longer be valid because it will no longer support .local domains. How do I rename the domain to a .com or are there other options available?
Avatar of Scott C
Scott C
Flag of United States of America image

You don't need to rename the domain.

Just get a new certificate with the correct external url.

mail.domain.com; autodiscover.domain.com; etc....

You then configure your DNS for the external name with the internal IP address.

Renaming a domain would be a nightmare and I believe it is unsupported.

The company I work for just bought another company where they did some Exchange installs with the exact same issue.

I'm just having them buy new certs with the correct SANs and do the proper configuration.
Avatar of Troy Hector

ASKER

@ScottCha - This sounds promising. Can you please provide more detailed instructions on the DNS configuration portion? Do you have a link or step-by-step guide for this?

Thanks!
Yes, I'm pulling up my OneNote right now.
ASKER CERTIFIED SOLUTION
Avatar of Scott C
Scott C
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I think that's about it.  The above information has me gotten 2 servers working with new certificates and the domain is still .local.
@ScottCha - Thanks for the info. I will look it over for the next day and respond back. Man, this looks like a ton of work.
The reading is the hard work.  After I did my first one, the second was done in less than 30 minutes.  That is after I fixed the autodiscover URL that I missed.

Just take your time and you'll be fine.

Certificates always seemed like black magic, even when I was an Exchange Engineer for MS.  Once I got out in the real world and HAD to figure them out, they aren't so bad.
Thanks for the encouraging words, ScottCha.
To the author.  You DO NOT need to do all this work.  Make sure that the SBS server has UR4 installed. Then from the SBS console, run The trusted third party certificate wizard. Specify that you want to renew.  This will generate the required CSR.  Then get your new cer. And install it using the same wizard.  The CSR  will not have the .local info in it
To everyone...I apologize for seemingly abandoning this question. I have had to travel all but one day since posting my original question. I am again heading back on the road for another three weeks. During this travel time, I will try to address the issue based on the suggested solutions. I will post back as soon as I can.
Thanks.