[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Putting together the details for an SSL Certificate request in an exchange 2007 and exchange 2010 coexistance situation.

Posted on 2016-09-29
4
Medium Priority
?
105 Views
Last Modified: 2016-10-08
I currently have 1 single 2007 exchange server and I have recently installed exchange 2010 on 1 single windows 2008 r2 server and am working on getting them to coexist for mailbox migration. My existing exchange 2007 SSL cert has the following info in it: (please let me know if you need any more information here and I will gladly supply)

Subject alternative name:

DNS Name=mydomain.com
DNS Name=autodiscover.mydomain.com
DNS Name=exchange07.mydomain.com


I am referencing this article on how to create the request for my newly introduced exchange 2010 server:

http://exchangeserverpro.com/configure-an-ssl-certificate-for-exchange-server-2010/

The name of my exchange 2007 server is "exchange07" (FQDN=exchange07.mysubdomain.mydomain.com)

The name of my new exchange 2010 server is "MAIL" (FQDN=mail.mysubdomain.mydomain.com)

I am having a problem determining what to put for the following when building my exchange 2010 SSL certificate request:

Outlook Web App Internal
Outlook Web App external
ActiveSync domain name
Web Services name
Outlook Anywhere name
Autodiscover name/s
Hub Transport server name
legacy name for co-existence

Where do I go to find these and do I need to install the new SSL cert I get on the old 2007 servers when I get it to ensure coexistence?

Thank you in advance for your help! I really - really appreciate your time!    :)
0
Comment
Question by:IT_Field_Technician
4 Comments
 
LVL 8

Expert Comment

by:Leo
ID: 41822761
For Exchange SSL certificates its better to obtain certificate from places like GoDaddy, au.godaddy.com/SSLCertificates
There support is good, and then will guide you through on how to install them.
0
 
LVL 14

Assisted Solution

by:Schnell Solutions
Schnell Solutions earned 1000 total points
ID: 41822794
That guide that you found is detailed enough for the process. In order to review the names used by your Exchange server and the options for changing your virtual directories you can complete your process using this article: http://www.msexchange.org/articles-tutorials/exchange-server-2007/management-administration/configuring-exchange-server-2007-web-services-urls.html

For the names you can use something like this:

Outlook Web App Internal   mail.mydomain.com
Outlook Web App external   mail.mydomain.com
ActiveSync domain name   mail.mydomain.com
Web Services name   mail.mydomain.com
Outlook Anywhere name   mail.mydomain.com
Autodiscover name/s   autodiscover.mydomain.com
Hub Transport server name   x <-- Save some money and work and leave this one as a self-signed. Do not include it here
legacy name for co-existence   exchange07.mydomain.com
0
 
LVL 49

Accepted Solution

by:
Akhater earned 1000 total points
ID: 41823176
don't complicate things, you have an SSL today and it is working just fine right ?
so you obviously need the same names in the new one

DNS Name=mydomain.com
DNS Name=autodiscover.mydomain.com
DNS Name=exchange07.mydomain.com

In addition you have now one new server (Exchange 2010) and that requires one additional SAN say mail.mydomain.com

so just go to rekey your certificate (no need to buy a new one) adding to it mail.mydomain.com and install it on both 2007 and 2010  and you will be good to go

the "Trick" is not in what to include in the certificate as much as it is on how to configure 2010 in order to use mail.mydomain.com
0
 

Author Closing Comment

by:IT_Field_Technician
ID: 41835471
Thanks!
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
This video discusses moving either the default database or any database to a new volume.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question