
Exchange 2010: How to set up certificates for OWA/Autodiscover, and TLS between SMTP servers, and Edge Subscription?

Gonthax asked on
Hi there. We have a two-server Exchange 2010 setup: one internal server that is the Client Access and Hub Transport, and an external server that is our Edge.

We have an SSL certificate from a public CA we want to present when users log in to OWA/Autodiscover/etc. We would also like to have TLS connections using an SSL cert between external SMTP servers and, of course, a cert is needed to handle the Edge subscription between Edge and the Hub.

When trying to use the same certificate for these use cases, Exchange will throw an error saying: "Sharing the same certificate between Edge and Hub Transport servers is not allowed."

What's not clear from searching around is what the best practice is here: Use a public CA cert for OWA/Autodiscover/etc., and use a self-signed for SMTP/TLS? Wouldn't it be advantageous to use a public CA cert for SMTP connections between external SMTP servers? Should we buy two certs then for this case?

Thanks in advance!