There is a certificate issue of Exchange Server 2016.
Our internal domain of Active Directory (Windows 2016) name is test.net and the external domain name is aisa.com.
There are two email domains for some users : @aisa.com and @hkhk.com
98% users default email domain is @asia.com. 2% users default email domain is @hkhk.com and also contain email domain @asia.com
For example :
Thomas : firstname.lastname@example.org
All internal and external clients (Outlook, Mac Mail, iPhone, Android and OWA) connect Exchange Server using name hkexchange.aisa.com.
Existing certificate of Exchange Server is self-sign with internal CA and the self-sign certificate install on all Exchange servers. Certificate include the following subject name:
There is one question:
If I want to purchase new certificate for Exchange Server from public, what subject name need to include in the new certificate?
However, I ask GoDaddy customer service. They say the new certificate need to contain subject name hkexchange.aisa.com, autodiscover.aisa.com and hkhk.com. I ask what is the subject name of hkhk.com? autodiscover.hkhk.com? They do not know. I worry about the that wrong or missing subject name cause user cannot access Outlook or receive / send email.
I just make a test, I add a new email address email@example.com and set as my default email address (two email address in mailbox : firstname.lastname@example.org and email@example.com). I try to add my email account on Android mobile and restart my outlook. I can send email to internal users and can receive incoming email. It seems okay. However, after 1 hour, Outlook pop out request me to certificate accept : autodiscover.abcde.com. I have not create this certificate before. It seems there is a problem.
Can anyone help me?