I'm preparing to deploy Exchange 2007. The environment is setup as follows:-Mailbox-01 (SCC)-Mailbox-02 (SCC)-HubTransport-01 (NLB)-HubTransport-02 (NLB)-CAS-01 (NLB)-CAS-02 (NLB)I plan to use an SSL Offloading hardware appliance (Similar to ISA 2006) for OWA, Exchange ActiveSync and Autodiscover. I will be using a GoDaddy UCC certificate for these services which will be installed and hosted on the SSL Offloading appliance. This certificate will not be installed on any of the Exchange hosts. My Certificate Request includes the following SANs (Subject Alternative Names):-owa.domain.com-autodiscover.domain.com The SSL Offloading hardware appliance also requires another certificate for inter-communication to the CAS servers. I will be using an internal PKI CA for this certificate. My Certificate Request includes the following SANs (Subject Alternative Names):owa.domain.com (NLB VIP)autodiscover.domain.com (NLB VIP)cas-01.subdomain.domain.comcas-01cas-02.subdomain.domain.comcas-02I will be using another GoDaddy UCC certificate for SMTP which will be installed on the Hub transport servers. My Certificate Request includes the following SANs (Subject Alternative Names):-smtp.domain.com (NLB VIP)-hubtransport-01.subdomain.domain.com-hubtransport-02.subdomain.domain.com-subdomian.domain.com-domain.comBoth internal and external users will use the NLB VIPs connect to owa.domain.com and autodiscover.domain.com (through the SSL Offloading hardware appliance). Questions:1. Is there any reason to include the NetBIOS and FQDNs on the public certificate that will be externally facing on the SSL Offloading hardware appliance? 2. Have I included all of the necessary SANs on all of my certificate requests?Thanks for the help!

Hi,First, there is no necessary to include NetBIOS and FQDN on the public certificates that facing on the SSL Offloading hardware appliance unless using the FQDN as the OWA's url.Second, all the necessary SANs have been included on the corresponding certificate based on the description.ThanksAllen