• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Exchange 2003 to Exchange 2010 coexistence SSL certificate question

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2010] >> Secure Messaging >> Exchange 2003 to Exchange 2010 coexistence SSL certificate question Page: [1]
Login
Message << Older Topic   Newer Topic >>
Exchange 2003 to Exchange 2010 coexistence SSL certific... - 19.Aug.2013 9:07:56 AM   
UnderCoverGuy

 

Posts: 8
Joined: 14.Jun.2006
From: Northern Virginia, USA
Status: offline
Im deploying an Exchange 2010 environment on our network (to co-exist with 2003 for a few months) for our transition (I know better late than never). Our 2010 deployment has three MBX servers, two HT/CAS servers (in a NLB CAS array) and two EDGE servers. Im trying to consolidate the URLs as much as possible and I think that I need input on my certificate requirements. Our internal domain is different than our external name and were using split-DNS internally. I know of the CA changes that are coming November 2015 and were trying to plan for it now and incorporate it into the 2010 design. We currently have no internal PKI but will implement one at a later date (after Exchange 2010 is in production).

As I mentioned, we need certificates for this deployment and were thinking (of course) to get a UCC/SAN cert. I know I need one for auto-discover, OWA and the rest (which I think I can combine into one URL) along with Outlook Anywhere using redirection. I also need one name for my legacy OWA (frontend-backend clustered 2003) while 2003 and 2010 coexist. I thinking that well need one each for the two EDGE servers for TLS (so two total), none for the HT/CAS (also none for the CAS array) and none for the MBX roles either.

As a summary for certificates:
1 (one) combined for auto-discover, OWA, ActiveSync, etc.
1 (one) for legacy Exchange 2003 OWA
1(one) for EDGE1 for TLS
1(one) for EDGE2 for TLS
0 (zero) for CAS/HT servers
0 (zero) for CAS array
0 (zero) for MBX servers

Does this seem correct or have I missed anything? Thanks in advance for any input (which is greatly appreciated).


UCG
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2010] >> Secure Messaging >> Exchange 2003 to Exchange 2010 coexistence SSL certificate question Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter