Adding second mailbox server in new AD Site (certs)
All Exchange 2007: So, we have a second physical site that currently has its own Exchange configuration and domain (mail2.com). We want to add a second mailbox server at that site for our original Exchange Server (mail.com), then move all the mailboxes from mail2.com over to that mailbox server. mail.com has been running with self-signed certs all this time, and we want to stop having to deal with that and buy a wildcard cert to deal with everything.

So far, I have installed the new server with Mbox, CAS, and Hub roles, and can see it in the mail.com organization just fine. I have even created a mailbox and successfully sent mail to the new server. At this moment, I purchased a wildcard cert and installed it on this new server, even though the EdgeTransport is the original server. I imagine that's not correct. After doing that, OWA will not work for this new mailbox because it tells me there's no CAS server configured at that location.

Can someone please help explain what certificates need to be installed where, and if that alone won't fix the CAS issue, expand on that? All the reading I've been doing on certs has started to run together and I've gotten myself terribly confused.
May 13th, 2010 11:42pm

Is the second site in the same Exchange organization?
-- Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
May 14th, 2010 3:24am

So the topology is:
Site 1: Has domain mail.com, Exchange servers
Site 2: Has domain mail2.com, Exchange servers

You have added a new MBX server into site 1, and plan to move all mailboxes from site 2 to site 1, right? The current issue is that OWA failed to access after you replaced the old self-signed certificate with a wildcard certificate, right?

Quote: “even though the EdgeTransport is the original server”
Can you explain the sentence above? What's the Exchange topology on site 1 now?

Quote: “I have even created a mailbox and successfully sent mail to the new server”
You have created the test mailbox on the new server? Does the error info occur when attempting to log in to the new mailbox after it is associated with the new wildcard certificate?

Please provide the detailed error info.
Please reproduce the issue, and then check the traces in the IIS log.

James Luo
TechNet Subscriber Support (http://technet.microsoft.com/en-us/subscriptions/ms788697.aspx)
If you have any feedback on our support, please contact tngfb@microsoft.com
May 14th, 2010 6:10am

Let me try to detail this again - sorry about that.

Site 1, Chicago = abc.com - a single Exchange 2007 server with all roles installed.
Site 2, St Louis = xyz.com - a single Exchange 2007 server with all roles installed.

We're in the process of moving the St Louis office from xyz.com to abc.com, so there is already an AD server there and it is configured as a separate site in AD Sites and Services for abc.com. We're trying to add a mailbox/hub/CAS server in STL that will host the mailboxes for the people in the STL office, but leave the only Internet facing mail server in CHI - the only OWA server. I've got the server installed and visible in the abc.com mail server in CHI.

The OWA error isn't an issue any longer - it just took a long time to replicate the account and server information to the DC in STL. However, the mail may not actually be getting delivered to the mailbox right now (we can come back to that).

Here's my primary question. What should the certificates look like for chiserver.abc.com and stlserver.abc.com if I want to use a wildcard cert to prevent manually installing certs for each client?

(Note: Servers are not actually as far apart as CHI and STL and offices are connected via IPSEC tunnel)

Thanks very much
May 14th, 2010 4:50pm

Resources below will help:
Certificate Use in Exchange Server 2007
Wildcard Certificate Causes Client Connectivity Issues for Outlook Anywhere

James Luo
TechNet Subscriber Support (http://technet.microsoft.com/en-us/subscriptions/ms788697.aspx)
If you have any feedback on our support, please contact tngfb@microsoft.com
May 17th, 2010 5:29am

This topic is archived. No further replies will be accepted.
