Wildcard Certificate for Exchange Sever 2013 Backend

Seuno used Ask the Experts™
I have installed exchange server 2013 in a child domain child.domain.com. The parent domain (domain.com) has a wildcard certificate used for their exchange server.

Can I use this certificate on my child domain for both the Backend Exchange on port 444 and front end on port 443?

Why I am considering this is because outlook is poping up certificate for client.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Infrastructure Consultant
Nope - not for a child domain. Sorry.

RFC2818 says "If more than one identity of a given type is present in the certificate (e.g., more than one dNSName name, a match in any one of the set is considered acceptable.) Names may contain the wildcard character * which is considered to match any single domain name component or component fragment. E.g., *.a.com matches foo.a.com but not bar.foo.a.com. f*.com matches foo.com but not bar.com."

Some browsers may operate differently, and allow certificates to match for *.*.domain.com but I believe IE and other microsoft products follow the RFC.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial