Coexist Private SAN certificate with 3rd party verisign certificate together in same Exchange 2010 C

Status
Not open for further replies.
J

Joe Tam

Dear Sir,
Our customer is using exchange 2010 server which was configured to use private SAN certificate for client (OWA, Outlook Anywhere, push mail and office outlook), everything is working fine.
Now they would like to obtain single hostname public verisign certifcate for replace their existing certificate function for OWA web mail, such that boss / customer will not have security warning problem when using webmail in the public machine. But another function (outlook anywhere, push mail, office outlook) will be remained by using private SAN certificate.
Is it possible to coexist both certifcate or must it change all configuration from private SAN cert to single hostname certifcate ? (Because there are many changes in autodiscover setting),
If not, do the procedure is to remove private SAN certificate, then reconfigure it with single certificate setting ? Any document information of it ?

Joe
 
B

Busbar [MVP]

you will need to assign the CAS server another IP, create a website that works on that IP and configure OWA virtual directory on it and assign the SSL certificate to that website.

there is no way to assign 2 certs on the same website unless you use different port which will affect binding and make OWA not working

Regards, Mahmoud Magdy Watch Arabic Level 300 Videos about Exchange 2010 here: http://vimeo.com/user3271816 Read pretty advanced Exchange stuff I post here: http://www.enowconsulting.com/ese/blog.asp, follow my blog: http://autodiscover.wordpress.com , corp blog: http://ingazat.wordpress.com, Follow me on twitter http://www.twitter.com/_busbar and if you Liked my post please mark it as helpful and accept it as an answer
 
S

Sembee [MVP]

The best option would be to use a single SAN/UC certificate. There are many other choices than Verisign's overpriced certificates for this task. GoDaddy are the cheapest source, Digicert certificates work well, both are more cost effective than Verisign.
If you attempt to add an additional web site to the server and add an additional certificate you will actually cause more problems because Outlook attempts to connect to the machine's FQDN, which will be registered with the internal DNS on both IP addresses. That will then generate SSL certificate warnings internally.

A single SAN/UC certificate is the best way to go here for a completely trouble-free deployment. Anything else will provide unpredictable results.

Simon.

Simon Butler, Exchange MVP
Blog | Exchange Resources
 
J

Joe Tam

Dear Busbar,
Thank you of your information, I understand that same website with same port number cannot be configured with 2 SSL certificate.

Dear Sembee,
Do you know that is there any SAN/UC certificate provider which can have trial SSL for testing?

Joe
 
S

Sembee [MVP]

I am not aware of any provider offering UC certificates for testing purposes.

Someone may suggest one of the free providers - FreeSSL or similar, but their trust level isn't that comprehensive meaning that they aren't much better than a self signed certificate.

Simon.

Simon Butler, Exchange MVP
Blog | Exchange Resources
 
B

Brian Day MCITP

Do you know that is there any SAN/UC certificate provider which can have trial SSL for testing?
Talk to a few vendors, some of them will refund your $ if you revoke the cert within a certain time period.Microsoft Premier Field Engineer, Exchange
MCSA 2000/2003, CCNA
MCITP: Enterprise Messaging Administrator 2010
Former Microsoft MVP, Exchange Server
My posts are provided "AS IS" with no guarantees, no warranties, and they confer no rights.
 
Status
Not open for further replies.
Thread starter Similar threads Forum Replies Date
K exchange 2010 OWA and exchange 2003 coexist Exchange Server Administration 1
K exchange 2010 OWA and exchange 2003 coexist Exchange Server Administration 1
S coexist exchange 2010 and 2003 smtp connector issue Exchange Server Administration 2
S how to configure outlook anywhere and OAB in coexist 2003 and 2010 exchange environment Exchange Server Administration 3
S Install exchange 2010 and coexist exchange 2003 sequence Exchange Server Administration 6
S Exchange 2003 coexist with Exchange 2010 Exchange Server Administration 9
S Coexist Exchange 2003 and 2010 OWA issue Exchange Server Administration 4
A Coexist 2010 with 2007/03 Exchange Server Administration 6
A Cannot copy this folder because it may contain private items Using Outlook 0
N Private check box in table view Using Outlook 0
Diane Poremsky How to Easily Change the Private Flag New Slipstick.com Articles 0
A Customize meeting form. Private notices Outlook VBA and Custom Forms 3
D Shared Mailbox with mail item marked as "private" Using Outlook 0
O Add private notes or comments to Outlook meeting invite Using Outlook 4
L Showing @live account in outlook 2013 calendar as private appointment Using Outlook 1
R Default Start time for Private Appointment Using Outlook 4
N Outlook Shared appointments automatically to Private Calendar Using Outlook 1
Britonius Delegate cannot view meetings marked Private by Another Chairperson Using Outlook 7
W Outlook 2010 - Displaying Private Appointments In Shared Calendars Using Outlook 1
R Private Sub Application_ItemSend() -Cannot make this code work in Outlook 2013 Using Outlook 0
G Private Address Groups Using Outlook 0
K Private Calendar events Using Outlook 3
M Auto-color all Calendar items based on condition: Private Using Outlook 6
D Private messages not forwarding by rule? Outlook 2007 Using Outlook 1
M Can't mark appointments as private for other user Using Outlook 1
L Allow private fields Outlook Wishlist 0
K Private meetings do no show in meeting scheduling Using Outlook 2
J Printing Private Appointment Detail on Calendar Printing Assistance Calendar Printing Assistant 0
J Printing Private Appointments on Caledar Printing Assistance Calendar Printing Assistant 2
S how do I set up shared calendar so some can see private details and others can not? Using Outlook 2
D How to push a second outlook 2007 'private' calendar on exchange 2007 to my mobile phone. Using Outlook 1
S exchange 2010 in private cloud Exchange Server Administration 5
H Private Calendar Entries Using Outlook 1
S How do I mark an email I want to send as 'private'? Using Outlook 2
C Re: Outlook 2010 - Shared Calendar sets all items as private. Using Outlook 3
U 'private' email not private Using Outlook 0
U 'private' email Using Outlook 1
N sending out messages marked private Using Outlook 3
L Prevent Users From Creating Private Appointments on Shared Calendars Using Outlook 3
G How can I delete a private appointment in shared calendar in public folders? Using Outlook 1
A Calendar items are being changed to a private event after I input them into my calendar. Using Outlook 2
A OWA Authentication: Public session vs. Private session Using Outlook 25
B Private Appts. in Outlook 2007 Calendar Sharing Using Outlook 2
T keeping my emails private Using Outlook 1
C Can you disable the OWA login public/private option? Using Outlook 3
F Checkbox Private Outlook VBA and Custom Forms 2
A Calendar private appointments, an unresolved question... Outlook VBA and Custom Forms 3
R auto-copy from private to public folder Outlook VBA and Custom Forms 3
D Automark incoming appointment request as private Using Outlook 3
S SAN Cert Question Exchange Server Administration 12
Similar threads


















































Top