Improve company productivity with a Business Account.Sign Up

x
?
Solved

Putting together the details for an SSL Certificate request in an exchange 2007 and exchange 2010 coexistance situation.

Posted on 2016-09-29
4
Medium Priority
?
112 Views
Last Modified: 2016-10-08
I currently have 1 single 2007 exchange server and I have recently installed exchange 2010 on 1 single windows 2008 r2 server and am working on getting them to coexist for mailbox migration. My existing exchange 2007 SSL cert has the following info in it: (please let me know if you need any more information here and I will gladly supply)

Subject alternative name:

DNS Name=mydomain.com
DNS Name=autodiscover.mydomain.com
DNS Name=exchange07.mydomain.com


I am referencing this article on how to create the request for my newly introduced exchange 2010 server:

http://exchangeserverpro.com/configure-an-ssl-certificate-for-exchange-server-2010/

The name of my exchange 2007 server is "exchange07" (FQDN=exchange07.mysubdomain.mydomain.com)

The name of my new exchange 2010 server is "MAIL" (FQDN=mail.mysubdomain.mydomain.com)

I am having a problem determining what to put for the following when building my exchange 2010 SSL certificate request:

Outlook Web App Internal
Outlook Web App external
ActiveSync domain name
Web Services name
Outlook Anywhere name
Autodiscover name/s
Hub Transport server name
legacy name for co-existence

Where do I go to find these and do I need to install the new SSL cert I get on the old 2007 servers when I get it to ensure coexistence?

Thank you in advance for your help! I really - really appreciate your time!    :)
0
Comment
Question by:IT_Field_Technician
4 Comments
 
LVL 8

Expert Comment

by:Leo
ID: 41822761
For Exchange SSL certificates its better to obtain certificate from places like GoDaddy, au.godaddy.com/SSLCertificates
There support is good, and then will guide you through on how to install them.
0
 
LVL 15

Assisted Solution

by:Schnell Solutions
Schnell Solutions earned 1000 total points
ID: 41822794
That guide that you found is detailed enough for the process. In order to review the names used by your Exchange server and the options for changing your virtual directories you can complete your process using this article: http://www.msexchange.org/articles-tutorials/exchange-server-2007/management-administration/configuring-exchange-server-2007-web-services-urls.html

For the names you can use something like this:

Outlook Web App Internal   mail.mydomain.com
Outlook Web App external   mail.mydomain.com
ActiveSync domain name   mail.mydomain.com
Web Services name   mail.mydomain.com
Outlook Anywhere name   mail.mydomain.com
Autodiscover name/s   autodiscover.mydomain.com
Hub Transport server name   x <-- Save some money and work and leave this one as a self-signed. Do not include it here
legacy name for co-existence   exchange07.mydomain.com
0
 
LVL 49

Accepted Solution

by:
Akhater earned 1000 total points
ID: 41823176
don't complicate things, you have an SSL today and it is working just fine right ?
so you obviously need the same names in the new one

DNS Name=mydomain.com
DNS Name=autodiscover.mydomain.com
DNS Name=exchange07.mydomain.com

In addition you have now one new server (Exchange 2010) and that requires one additional SAN say mail.mydomain.com

so just go to rekey your certificate (no need to buy a new one) adding to it mail.mydomain.com and install it on both 2007 and 2010  and you will be good to go

the "Trick" is not in what to include in the certificate as much as it is on how to configure 2010 in order to use mail.mydomain.com
0
 

Author Closing Comment

by:IT_Field_Technician
ID: 41835471
Thanks!
0

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

In a Cross Forest, the steps to migrate users are quite complicated and even in the official articles of Technet there is no clear recommendation on which approach to take .. From an experience, I mention and simplify which way to go and how to use …
Using Granular Exchange Recovery Software to recover specific items from corrupt Exchange mailboxes. With Granular recovery techniques,  repair exchange mailbox and then move single items objects stored in Exchange EDB Files such as emails, contacts…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Watch the video to know the process of migration of Exchange or Office 365 mailboxes in absence of MS Outlook. It is an eminent tool which can easily migrate Public, Archive user mailboxes from one another Exchange server and Office 365. Kernel Migr…

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question