Michael McGuire
asked on
Exchange 2016 URL'S & SSL Certs
Going to be migrating to Exchange 2016 (from EX2010) and need some advice on External URL's and SSL Certs. On my Exchange 2010 I was using the host name of both my Internal & External URL's for Virtual Directories (ActiveSync, OWA, AOB, ..etc). I was told that it is recommended to not use the host name on these external url's. I should use ex.: mail.mydomain.com (use just general mail name instead of my host name). So should i just use this on my External URL's or both Internal and External?
When creating my new SSL Cert for EX2016 would I still need to put my host name on this Cert? My current SSL Cert (EX2010) has the following: hostname.mydomain.com; autodiscover.mydomain.com, legacy,mydomain.com; mydomain.com.
I would like to use as minimal amount of SAN names as possible.
When creating my new SSL Cert for EX2016 would I still need to put my host name on this Cert? My current SSL Cert (EX2010) has the following: hostname.mydomain.com; autodiscover.mydomain.com,
I would like to use as minimal amount of SAN names as possible.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Your external static ip should point to new exchange 2016 only
This causes no issues as long as you configure urls correctly
Refer sembee article or other article posted earlier for step by step
Exchange will proxy requests to exchange 2010 silently when user mailbox remains on exchange 2010
Do note that url configuration need to be done on exchange 2010 & 2016 both
This causes no issues as long as you configure urls correctly
Refer sembee article or other article posted earlier for step by step
Exchange will proxy requests to exchange 2010 silently when user mailbox remains on exchange 2010
Do note that url configuration need to be done on exchange 2010 & 2016 both
If you want you can create a host entry for mail.emaildomain.com and autodiscover.emaildomain.c om which points to Exchange 2016 in a test PC. Open outlook in that PC if that works you can update the A records in your DNS server.
The same applies for your external access. Change NAT in firewall (After working hours) to Exchange2016 and test from an external network. If that works you are good to go.
Below screenshot I created a host entry in my PC for your reference.
The same applies for your external access. Change NAT in firewall (After working hours) to Exchange2016 and test from an external network. If that works you are good to go.
Below screenshot I created a host entry in my PC for your reference.
ASKER
Thanks guys for your help and pointing me in the right direction
ASKER