Certificate with Virtual directories confirmation

Hi All

I am currently in the process of migrating from exchange 2010 to exchange 2013. But before i can proceed i need to know the standards for each one of the following

I need t know if my certificate is ok with the following virtual directories

1. Autodiscover - is it ok to have https://mail.aaa.school.fj/autodiscover/autodiscover.xml - set as internal uri
2. OWA - is it ok to have https://mail.aaa.school.fj/owa - set for internal and external
3. ECP - is it ok to have  https://mail/ecp - internal https://mail.aaa.school.fj/ecp -external
4. OAB - is it ok to have https://mail.aaa.school.fj/oab set for internal and external
5. ActiveSync - is it ok to have https://mail.aaa.school.fj/Microsoft-Server-ActiveSync set for internal and external
6. EWS - is it ok to have https://mail.aaa.school.fj/EWS/Exchange.asmx

My certificate has the following and i need to know if it is what it should be . This is used for smtp,IIS


Also how would i be able to setup pop3 and imap
Member_2_6474242Senior Systems AdministratorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Brian McDonaldIT ManagerCommented:
I went through this same thing awhile back. What worked for me was changing from a UCC to a wildcard cert. That way any subdomain was covered and it worked great.

The other thing I made sure of what that all URIs were identical between external and internal virtual directories

Based on what you have listed I think you'll be fine, it is similar to the setup I have in my exchange 2013
Riaz Alexander AnsaryEnterprise Infrastructure Systems EngineerCommented:
collecting information about your existing exchange organization is critical when it comes to upgrading. go through a checklist which the following two is a part of that checklist
  • Client Access NameSpaces
  • SSL Certificates
collect internal and external uri information of all your virtual directories.
your SSL certificates gotta match the server name(URL/Namespace) the client is connecting, you can certainly reuse the existing certificates for your new exchange 2016 servers.  if you are thinking how can you use a cert that matches the server name from old servers, in that case  you gotta know that clients are not connecting to old servers using the servers real name, they use the URLs and name spaces that mentioned above. and if your clients are connecting to real server names that would be a good example of miss-configured namespaces. and this is the time to change that. you certificaate needs to be configured with all the DOmains you have  used in your virtual directories.

why do you want to use different domain for each virtual directory. I would recommend  you use one domain for all such as Mail.YourDomain.Com
that way all your virtual directories will use that as base domain and your cert config will be easier too.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Member_2_6474242Senior Systems AdministratorAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.