Exchange Certificates (Full Version)

All Forums >> [Microsoft Exchange 2010] >> Secure Messaging



Message


neel436 -> Exchange Certificates (3.Oct.2011 6:04:58 PM)

Hi i have installed exchange certificate sucessfully. but in the domain names, i had just specified external DNS names. now when connecting from the outside, i can connect without any errors/warnings.
however, when connecting internally (LAN), i get certificate warnings, as the internal name of the server is not appearing in the certificate.
i am wondering what is the easiest solution to this.




de.blackman -> RE: Exchange Certificates (4.Oct.2011 9:56:07 AM)

Purchase another SAN certificate with the correct URLs on it and remember to include autodiscover.domain.com as one of the URLs




neel436 -> RE: Exchange Certificates (4.Oct.2011 6:03:36 PM)

hi Thanks for your post. i do have autodiscover in my certificate that i have bought, and it works well.
however, i have a problem with internal DNS. can i assign a certificate that is signed by my local CA to IIS for this. i assume that this would be a problem since i have already got a certificate asssigned to IIS from external CA.




de.blackman -> RE: Exchange Certificates (5.Oct.2011 11:16:04 AM)

Unfortunately not! IIS web sites can only use one certificate. Make it easy for yourself (but a little more expensive) and just get a new certificate with the proper names on it.




neel436 -> RE: Exchange Certificates (5.Oct.2011 4:21:34 PM)

Sounds fair.

thanks for the advice mate.




peacedog13 -> RE: Exchange Certificates (12.Oct.2011 11:47:32 AM)

You could always configure split-dns to save the expense of another certificate. 

The main drawback being that when DNS changes occur for outside accessible services/hosts, you'd need to make the same changes on the internal DNS server.




Page: [1]