Solved

Putting together the details for an SSL Certificate request in an exchange 2007 and exchange 2010 coexistance situation.

Posted on 2016-09-29
4
42 Views
Last Modified: 2016-10-08
I currently have 1 single 2007 exchange server and I have recently installed exchange 2010 on 1 single windows 2008 r2 server and am working on getting them to coexist for mailbox migration. My existing exchange 2007 SSL cert has the following info in it: (please let me know if you need any more information here and I will gladly supply)

Subject alternative name:

DNS Name=mydomain.com
DNS Name=autodiscover.mydomain.com
DNS Name=exchange07.mydomain.com


I am referencing this article on how to create the request for my newly introduced exchange 2010 server:

http://exchangeserverpro.com/configure-an-ssl-certificate-for-exchange-server-2010/

The name of my exchange 2007 server is "exchange07" (FQDN=exchange07.mysubdomain.mydomain.com)

The name of my new exchange 2010 server is "MAIL" (FQDN=mail.mysubdomain.mydomain.com)

I am having a problem determining what to put for the following when building my exchange 2010 SSL certificate request:

Outlook Web App Internal
Outlook Web App external
ActiveSync domain name
Web Services name
Outlook Anywhere name
Autodiscover name/s
Hub Transport server name
legacy name for co-existence

Where do I go to find these and do I need to install the new SSL cert I get on the old 2007 servers when I get it to ensure coexistence?

Thank you in advance for your help! I really - really appreciate your time!    :)
0
Comment
Question by:IT_Field_Technician
4 Comments
 
LVL 8

Expert Comment

by:Leo
ID: 41822761
For Exchange SSL certificates its better to obtain certificate from places like GoDaddy, au.godaddy.com/SSLCertificates
There support is good, and then will guide you through on how to install them.
0
 
LVL 14

Assisted Solution

by:Schnell Solutions
Schnell Solutions earned 250 total points
ID: 41822794
That guide that you found is detailed enough for the process. In order to review the names used by your Exchange server and the options for changing your virtual directories you can complete your process using this article: http://www.msexchange.org/articles-tutorials/exchange-server-2007/management-administration/configuring-exchange-server-2007-web-services-urls.html

For the names you can use something like this:

Outlook Web App Internal   mail.mydomain.com
Outlook Web App external   mail.mydomain.com
ActiveSync domain name   mail.mydomain.com
Web Services name   mail.mydomain.com
Outlook Anywhere name   mail.mydomain.com
Autodiscover name/s   autodiscover.mydomain.com
Hub Transport server name   x <-- Save some money and work and leave this one as a self-signed. Do not include it here
legacy name for co-existence   exchange07.mydomain.com
0
 
LVL 49

Accepted Solution

by:
Akhater earned 250 total points
ID: 41823176
don't complicate things, you have an SSL today and it is working just fine right ?
so you obviously need the same names in the new one

DNS Name=mydomain.com
DNS Name=autodiscover.mydomain.com
DNS Name=exchange07.mydomain.com

In addition you have now one new server (Exchange 2010) and that requires one additional SAN say mail.mydomain.com

so just go to rekey your certificate (no need to buy a new one) adding to it mail.mydomain.com and install it on both 2007 and 2010  and you will be good to go

the "Trick" is not in what to include in the certificate as much as it is on how to configure 2010 in order to use mail.mydomain.com
0
 

Author Closing Comment

by:IT_Field_Technician
ID: 41835471
Thanks!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
how to add IIS SMTP to handle application/Scanner relays into office 365.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now