Soho_Dan
asked on
Do I need UCC Certificate?
I'm trying to understand when I need to purchase a UCC certificate. From my understanding so far, I only need UCC certificate only if I need to secure multiple domains correct? What if I need certificate for an Exchange server and also for RDP access? For example, mail.domain.com and remote.domain.com. This is still one domain but multiple sub-domain if I am correct. Pls advise, thanks.
A UCC certificate can secure multiple domains, multiple host names in a domain or a combination of both. In theory, in your case above, you could use a Wildcard certificate but it will cost more and in my experience, may give you troubles with Exchange if you are trying to use other services in your domain like Skype for Business
Exchange works better with a SAN certificate since you normally have multiple hostnames on the certificate. (mail, autodiscover, etc....)
Exchange works better with a SAN certificate since you normally have multiple hostnames on the certificate. (mail, autodiscover, etc....)
As the expert mentioned, it is for multiple domain. The specific is any number of different domain names can be included in the SAN field of the certificate enabling the certificate to work on any of the included domain names. For example, you could get one UC SSL Certificate to cover all of the following:
mydomain.com
mail.mydomain.com
autodiscover.mydomain.com
anotherdomain.com
Normally most opt for UCC as it can provide significant cost savings in many situations. For e.g. for certain features in Microsoft's Exchange Server, Office Communications Server, and Live Communications Server.
Likewise for the remote gateway use case, you could have a UCC Cert like this:
Main Domain: remote.mypublicdomain.com
Secondarys: remote.mydomain.local
rdsh11.mydomain.local
rdsh12.mydomain.local
rdsh13.mydomain.local
Operationally to track and renew the certificate will also be more streamline.
mydomain.com
mail.mydomain.com
autodiscover.mydomain.com
anotherdomain.com
Normally most opt for UCC as it can provide significant cost savings in many situations. For e.g. for certain features in Microsoft's Exchange Server, Office Communications Server, and Live Communications Server.
Likewise for the remote gateway use case, you could have a UCC Cert like this:
Main Domain: remote.mypublicdomain.com
Secondarys: remote.mydomain.local
rdsh11.mydomain.local
rdsh12.mydomain.local
rdsh13.mydomain.local
Operationally to track and renew the certificate will also be more streamline.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the info.
Enough information to confirm answer.
ASKER
Thank you everyone for the info. Sorry it took me so long to close this case.
http://info.ssl.com/article.aspx?id=12157