Gradually adding SSL certificates to Exchange 2010 SP1?
Hello,
It's better to include all the SAN in one certificate to aviod any certificate trust issues.
Thanks,
Simon
August 13th, 2011 11:34am
Coming from Exchange 2003 containing multiple domains like domain1.tld, domain2.tld, [...] domain7.tld each having a couple hundred users to Exchange 2010 SP1.
Domain2.tld thru domain7.tld don't have SSL certificates today but those business units may ask for them in the future. For example, Domain2's management may want sync.domain2.tld and Domain5's management may also want to implement sync.domain3.tld.
Note: it may not be the activesync service, it could be smtp, or owa, or pop3....
My quesiton is, is it easily possible to install one certificate today encompassing domain1.tld. Then add additional certificates later but assign these new certificates to the same services already having a certificate installed by domain1.tld?
Free Windows Admin Tool Kit Click here and download it now
August 13th, 2011 3:56pm
Sounds like you simply need a UCC cert that has all the possible subject names on one certificate. Or a wildcard cert if possible.
August 13th, 2011 4:07pm
For more referernce, please see:
More on Exchange 2007 and certificates - with real world scenario
http://blogs.technet.com/b/exchange/archive/2007/07/02/3403301.aspx
Thanks,
Simon
Free Windows Admin Tool Kit Click here and download it now
August 14th, 2011 1:28am