bill2013

asked on 

Replacing a single GoDaddy domain certificate with a multi-domain one on an Exchange 2016 Server

My goal is to have an Exchange 2016 Server act as a mail server to Outlook 2016 clients on a small network.

All attempts have failed over the last 2 weeks, and this seems to come down to me using a Standard SSL certificate, while getting Exchange 2016 and Outlook 2016 working together requires a SANS certificate. I found this thanks to help from EE.

Anyway, I want to look at the easiest and least disruptive way to transfer the Certificate.

I will be getting the certificate later in the week and my work plan is as follows:

1. Leave the existing certificate (myoldcertificate.mydomain.com) in place until everything is finished.
2. Create a CSR from the Exchange Server for a GoDaddy SHA-2 certificate with all URLs pointing to mynewcertificate.mydomain.com, except for the autodiscover URL, which will point to autodiscover.mydomain.com. Is this correct?
3. Add the new certificate as an MX and an A record in my Internet DNS. (Any SRV entries?)
4. Install the new certificate on the Exchange server.
5. Run the Exchange wizard with the new certificate. Is there a way to properly edit the Exchange settings rather than rerun the wizard?
6. Give the new certificate priority over the old one in the MX records.
7. Join Outlook 2016 clients to Exchange.

Is there anything I have forgotten?

Is it easier/possible to replace the certificate with a certificate of the same name? Does Exchange just look for the name? I guess it is secured to the full certificate serial number etc. and cannot be replaced for security issues, which is the whole point of the thing.

Thanks for any help.
Tags: Exchange, Outlook, Email Servers, Microsoft Office, Windows Server 2012

Last Comment
bill2013

8/22/2022 - Mon
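
Steps 2, 4 and 5 of the plan in the question, written as Exchange Management Shell commands, with a check that the issued certificate's subject alternative names cover every hostname Exchange publishes before any service is bound to it. This is an added example, not part of the original post; the `C:\Certs` paths and the friendly name are placeholders, and it assumes the shell runs on the Exchange server itself.

```powershell
# Added example. Hostnames are the ones named in the post; C:\Certs paths are placeholders.
$names = 'mynewcertificate.mydomain.com', 'autodiscover.mydomain.com'

# Stage 1 (plan step 2): build the CSR. -DomainName populates the subject alternative names.
$csr = New-ExchangeCertificate -GenerateRequest -SubjectName "CN=$($names[0])" `
    -DomainName $names -KeySize 2048 -PrivateKeyExportable $true `
    -FriendlyName 'Exchange 2016 SAN certificate'
Set-Content -Path 'C:\Certs\exchange-san.req' -Value $csr -Encoding Ascii

# --- stop here: submit the .req file to the CA, save the issued certificate, then continue ---

# Stage 2 (plan step 4): import the issued certificate to complete the pending request.
$bytes = [System.IO.File]::ReadAllBytes('C:\Certs\issued.crt')
$new   = Import-ExchangeCertificate -FileData $bytes

# Inspect the certificate in the machine store before any service uses it.
$x509 = Get-Item "Cert:\LocalMachine\My\$($new.Thumbprint)"
$sans = @($x509.DnsNameList | ForEach-Object { $_.Unicode })
if (-not $x509.HasPrivateKey) {
    throw 'No private key: import on the server that generated the CSR.'
}

# Collect the hostnames Exchange actually hands to Outlook: the Autodiscover
# service URI plus the OWA, EWS and MAPI virtual directory URLs.
$server = $env:COMPUTERNAME
$urls   = @((Get-ClientAccessService -Identity $server).AutoDiscoverServiceInternalUri)
$urls  += Get-OwaVirtualDirectory         -Server $server | ForEach-Object { $_.InternalUrl; $_.ExternalUrl }
$urls  += Get-WebServicesVirtualDirectory -Server $server | ForEach-Object { $_.InternalUrl; $_.ExternalUrl }
$urls  += Get-MapiVirtualDirectory        -Server $server | ForEach-Object { $_.InternalUrl; $_.ExternalUrl }
$hosts  = $urls | Where-Object { $_ } | ForEach-Object { ([uri]"$_").Host }

# Every requested name and every published hostname must appear in the SAN list.
# A URL still pointing at the old hostname fails here until it is updated.
$required = @($names) + @($hosts) | Sort-Object -Unique
$missing  = $required | Where-Object { $sans -notcontains $_ }
if ($missing) {
    throw "Not covered by the certificate: $($missing -join ', ')"
}

# Plan step 5: bind the new certificate. The old one stays installed until removed.
Enable-ExchangeCertificate -Thumbprint $new.Thumbprint -Services IIS,SMTP
Get-ExchangeCertificate | Format-Table Thumbprint, Services, NotAfter, Subject -AutoSize
```

The SAN comparison is an exact, case-insensitive match, so a wildcard entry in the certificate would need separate handling.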