SSL Cert for mail and Autodiscover

mbkitmgr used Ask the Experts™
Hi all.  

I am running exchange server 2013 CU7. When it was initially set up, i needed to create/add an SSL certificate from Go-Daddy

We have now obtained some tablets and are configuring them for OLK Anywhere.  For obvious reasons OLK Anywhere clients protest that the SSL cert name is invalid.

So - do I


Just add a 2nd cert for autodiscover.... to the exchange environment


Go for the UCC certificate
How do I do either so I dont stuff it up.
I recognize now I need a UCC Certificate, but I am unsure what the process and sequence is to move from the std SSL cert to a UCC to minimise downtime
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Why not just use an SRV record for Autodiscover and forego purchasing another cert all together?  When combined with SRV, Autodiscover only requires one host in the SSL certificate.

Check out scenario 2:


Hi Keyser, checked this just now but it seems to apply to Exchange 2010, or am I reading it wrong

Same applies to Exchange 2013.

If you do want to go the UCC route you'll need, at a minimum, two hostnames covered in the cert - (for example) and  The first depends on what you use for OWA so it could be,,, etc.

Take a weekend and try the SRV record though.  You can change a DNS record for free, and it would require minimum downtime to test.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial