Today, I just took on a new client running SBS2011. The prior IT firm setup their domain as xxx.local. As of 11/01/2015, their UCC SSL certificate will no longer be valid because it will no longer support .local domains. How do I rename the domain to a .com or are there other options available?
Active DirectorySBSExchange
Last Comment
Troy Hector
8/22/2022 - Mon
Scott C
You don't need to rename the domain.
Just get a new certificate with the correct external url.
mail.domain.com; autodiscover.domain.com; etc....
You then configure your DNS for the external name with the internal IP address.
Renaming a domain would be a nightmare and I believe it is unsupported.
The company I work for just bought another company where they did some Exchange installs with the exact same issue.
I'm just having them buy new certs with the correct SANs and do the proper configuration.
Troy Hector
ASKER
@ScottCha - This sounds promising. Can you please provide more detailed instructions on the DNS configuration portion? Do you have a link or step-by-step guide for this?
I think that's about it. The above information has me gotten 2 servers working with new certificates and the domain is still .local.
Troy Hector
ASKER
@ScottCha - Thanks for the info. I will look it over for the next day and respond back. Man, this looks like a ton of work.
Scott C
The reading is the hard work. After I did my first one, the second was done in less than 30 minutes. That is after I fixed the autodiscover URL that I missed.
Just take your time and you'll be fine.
Certificates always seemed like black magic, even when I was an Exchange Engineer for MS. Once I got out in the real world and HAD to figure them out, they aren't so bad.
To the author. You DO NOT need to do all this work. Make sure that the SBS server has UR4 installed. Then from the SBS console, run The trusted third party certificate wizard. Specify that you want to renew. This will generate the required CSR. Then get your new cer. And install it using the same wizard. The CSR will not have the .local info in it
To everyone...I apologize for seemingly abandoning this question. I have had to travel all but one day since posting my original question. I am again heading back on the road for another three weeks. During this travel time, I will try to address the issue based on the suggested solutions. I will post back as soon as I can.
Just get a new certificate with the correct external url.
mail.domain.com; autodiscover.domain.com; etc....
You then configure your DNS for the external name with the internal IP address.
Renaming a domain would be a nightmare and I believe it is unsupported.
The company I work for just bought another company where they did some Exchange installs with the exact same issue.
I'm just having them buy new certs with the correct SANs and do the proper configuration.