I used a single domain SSL certificate for Exchange 2003 and everything worked just fine. My company got Exchange 2010 and now I'm being told that I need the more expensive 5 slot UCC certificate. Why can't I continue to use the single domain certificate?

The issue is autodiscover that is required for all versions 2007+. If all your machines are domain joined and you are not going to use Outlook Anywhere, you can get away with a single name cer. Normally you will have a cert with (internally): CAS-Array FQDN Autodiscover FQDN Externally Webmail / OA / ActiveSync FQDN Autodiscover FQDN Casper Pieterse, Principle Consultant - UC, Dimension Data South Africa, Microsoft Certified Master: Exchange 2007

Hi, Take a look at this article. http://blog.sembee.co.uk/post/Exchange-2007-and-SSL-Certificates-Take-2.aspx Thanks.

While it is possible to run Exchange 2010 with a single name SSL certificate - the product is designed to be used with a UCC certificate. The reason a UCC is used is because of the multiple ways that Exchange is accessed. Web Services is key to the product, it isn't just OWA which is secured via IIS. It is autodiscover, availability, web services, offline address book distribution. It all needs to be accessed in a secure manner. You can only use a single name certificate with Exchange 2010 and Outlook 2007 and higher IF your external provider supports SRV records. If not, then you will have to use a UCC certificate for full functionality. Simon.Simon Butler, Exchange MVP Blog | Exchange Resources