tp-it-team
asked on
Exchange 2007->2013 cert question
I'm about to renew my cert for exchange and after that, I will migrate to 2013.
Here is what I have now:
- my external domain: domain.com
- my internal domain: local.domain.com
My cert is for:
mail.domain.com
autodiscover.domain.com
Because my internal and external domain is different, I'm using the DNS zone trick so my email server is accessible using the same name internally and externally.
- - - - - - - - - - -
My current setup is only one server but my 2013 setup will incorporate 2 servers: I will be using DAG for database availability and DNS round robin for CAS.
MY QUESTION IS:
what do I need on my new certificate ?
First of all, I know it will be 'legacy' name for 2007 server but should it be legacy.local.domain.com or legacy.domain.com ?
Also, since I will have 2 new servers using DNS round robin, they will be both using mail.domain.com name in CERT, am I right ?
Thanks
Here is what I have now:
- my external domain: domain.com
- my internal domain: local.domain.com
My cert is for:
mail.domain.com
autodiscover.domain.com
Because my internal and external domain is different, I'm using the DNS zone trick so my email server is accessible using the same name internally and externally.
- - - - - - - - - - -
My current setup is only one server but my 2013 setup will incorporate 2 servers: I will be using DAG for database availability and DNS round robin for CAS.
MY QUESTION IS:
what do I need on my new certificate ?
First of all, I know it will be 'legacy' name for 2007 server but should it be legacy.local.domain.com or legacy.domain.com ?
Also, since I will have 2 new servers using DNS round robin, they will be both using mail.domain.com name in CERT, am I right ?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Iradat Siddiqui
Please use the SAN (Subject Alternate Name) certificate for exchange , with all the required dns names (internal/external).