Putting together the details for an SSL Certificate request in an exchange 2007 and exchange 2010 coexistance situation.

I currently have 1 single 2007 exchange server and I have recently installed exchange 2010 on 1 single windows 2008 r2 server and am working on getting them to coexist for mailbox migration. My existing exchange 2007 SSL cert has the following info in it: (please let me know if you need any more information here and I will gladly supply)

Subject alternative name:

DNS Name=mydomain.com
DNS Name=autodiscover.mydomain.com
DNS Name=exchange07.mydomain.com

I am referencing this article on how to create the request for my newly introduced exchange 2010 server:


The name of my exchange 2007 server is "exchange07" (FQDN=exchange07.mysubdomain.mydomain.com)

The name of my new exchange 2010 server is "MAIL" (FQDN=mail.mysubdomain.mydomain.com)

I am having a problem determining what to put for the following when building my exchange 2010 SSL certificate request:

Outlook Web App Internal
Outlook Web App external
ActiveSync domain name
Web Services name
Outlook Anywhere name
Autodiscover name/s
Hub Transport server name
legacy name for co-existence

Where do I go to find these and do I need to install the new SSL cert I get on the old 2007 servers when I get it to ensure coexistence?

Thank you in advance for your help! I really - really appreciate your time!    :)
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

AkhaterConnect With a Mentor Commented:
don't complicate things, you have an SSL today and it is working just fine right ?
so you obviously need the same names in the new one

DNS Name=mydomain.com
DNS Name=autodiscover.mydomain.com
DNS Name=exchange07.mydomain.com

In addition you have now one new server (Exchange 2010) and that requires one additional SAN say mail.mydomain.com

so just go to rekey your certificate (no need to buy a new one) adding to it mail.mydomain.com and install it on both 2007 and 2010  and you will be good to go

the "Trick" is not in what to include in the certificate as much as it is on how to configure 2010 in order to use mail.mydomain.com
For Exchange SSL certificates its better to obtain certificate from places like GoDaddy, au.godaddy.com/SSLCertificates
There support is good, and then will guide you through on how to install them.
Schnell SolutionsConnect With a Mentor Systems Infrastructure EngineerCommented:
That guide that you found is detailed enough for the process. In order to review the names used by your Exchange server and the options for changing your virtual directories you can complete your process using this article: http://www.msexchange.org/articles-tutorials/exchange-server-2007/management-administration/configuring-exchange-server-2007-web-services-urls.html

For the names you can use something like this:

Outlook Web App Internal   mail.mydomain.com
Outlook Web App external   mail.mydomain.com
ActiveSync domain name   mail.mydomain.com
Web Services name   mail.mydomain.com
Outlook Anywhere name   mail.mydomain.com
Autodiscover name/s   autodiscover.mydomain.com
Hub Transport server name   x <-- Save some money and work and leave this one as a self-signed. Do not include it here
legacy name for co-existence   exchange07.mydomain.com
IT_Field_TechnicianAuthor Commented:
All Courses

From novice to tech pro — start learning today.