Avatar of mbkitmgr
mbkitmgr
Flag for Australia asked on

SSL Cert for mail and Autodiscover

Hi all.  

I am running exchange server 2013 CU7. When it was initially set up, i needed to create/add an SSL certificate mail.mycompany.com from Go-Daddy

We have now obtained some tablets and are configuring them for OLK Anywhere.  For obvious reasons OLK Anywhere clients protest that the SSL cert name is invalid.

So - do I

1.

Just add a 2nd cert for autodiscover.... to the exchange environment
OR

2.

Go for the UCC certificate
AND
How do I do either so I dont stuff it up.
I recognize now I need a UCC Certificate, but I am unsure what the process and sequence is to move from the std SSL cert to a UCC to minimise downtime
SSL / HTTPSEmail ClientsEmail Servers

Avatar of undefined
Last Comment
Jason Crawford

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Jason Crawford

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
mbkitmgr

ASKER
Hi Keyser, checked this just now but it seems to apply to Exchange 2010, or am I reading it wrong
Jason Crawford

Same applies to Exchange 2013.

If you do want to go the UCC route you'll need, at a minimum, two hostnames covered in the cert - mail.domain.com (for example) and autodiscover.domain.com.  The first depends on what you use for OWA so it could be owa.domain.com, outlook.domain.com, email.domain.com, etc.

Take a weekend and try the SRV record though.  You can change a DNS record for free, and it would require minimum downtime to test.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck