SSL Certs and 2007->2010 Migration...Legacy Cert Name



wavegeek -> SSL Certs and 2007->2010 Migration...Legacy Cert Name (21.Aug.2012 3:50:36 PM)

We have recently installed Exchange 2010 CAS, HT and Mailbox server roles in our Exchange 2007 environment. The installation went well and we are running in "hybrid mode" right now. I know in order for redirection to take place, we need to have a legacy.domain.com FQDN that will point users back to the Exchange 2007 services. I have been working with a consultant and we generated a SAN SSL cert on our Exchange 2010 CAS with the following names:

autodiscover.domain.com
casarray1.domain.com (this is for NLB of the CAS service)
webmail.domain.com (which is for OA/ActiveSync/OWA/OAB)
servername.domain.com (NetBIOS name of server)
legacy.domain.com

We did not generate the legacy.domain.com name on Exchange 2007 CAS even though that is where it is supposed to reference. The consultant said there would be no need to generate the legacy.domain.com cert on the 2007 CAS and we could just export the cert on the Exchange 2010 CAS that has the legacy.domain.com name and import and apply to the Exchange 2007 CAS. Does that make sense or is that possible?




de.blackman -> RE: SSL Certs and 2007->2010 Migration...Legacy Cert Name (22.Aug.2012 7:52:57 AM)

Yes, it makes perfect sense and will work!
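The export and import discussed above, as an added example that is not part of the original thread: it moves the SAN certificate and its private key from the Exchange 2010 CAS to the Exchange 2007 CAS as a password-protected PFX. The thumbprint is a placeholder, and the file path and variable names are assumptions.

```powershell
# Added example, not from the thread. Placeholder and hypothetical values are marked.
$thumbprint = '<THUMBPRINT-OF-SAN-CERT>'   # placeholder: read it from Get-ExchangeCertificate
$pfxPath    = 'C:\Temp\san-cert.pfx'       # hypothetical path
$pfxPass    = Read-Host 'PFX password' -AsSecureString

# --- On the Exchange 2010 CAS (Exchange Management Shell) ---
# Confirm legacy.domain.com is among the names and that the private key is present.
Get-ExchangeCertificate -Thumbprint $thumbprint |
    Format-List Subject, CertificateDomains, HasPrivateKey, NotAfter

# Export certificate plus private key. This fails if the key was not marked
# exportable when the certificate request was created.
$export = Export-ExchangeCertificate -Thumbprint $thumbprint -BinaryEncoded:$true -Password $pfxPass
Set-Content -Path $pfxPath -Value $export.FileData -Encoding Byte

# --- Copy the PFX to the Exchange 2007 CAS over a trusted channel. ---
# --- In that server's Exchange Management Shell, set the three variables again, then: ---
Import-ExchangeCertificate -Path $pfxPath -Password $pfxPass
Enable-ExchangeCertificate -Thumbprint $thumbprint -Services IIS

# The thumbprint must be identical on both servers, and IIS must be listed under Services.
Get-ExchangeCertificate -Thumbprint $thumbprint |
    Format-List CertificateDomains, Services, HasPrivateKey

# The PFX holds the private key for every name on the certificate:
# delete each copy (source server, transfer location, destination) once the import is verified.
Remove-Item $pfxPath
```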




wavegeek -> RE: SSL Certs and 2007->2010 Migration...Legacy Cert Name (22.Aug.2012 12:32:12 PM)

Thanks. Is it also necessary to have the NetBIOS/FQDN of the server as a name in the cert? One thing we have on our Exchange CAS is the certificate principal name as the NetBIOS name of the server. Our Outlook Anywhere clients have, in their Microsoft Exchange Proxy Settings in Outlook, the FQDN of the server where it says "Only connect to proxy servers that have this principal name in their certificate."



