Hi Guys, I have recently setup a complete new sbs2008 server. I am stuck on certificate... I have approched godaddy.com for a ssl certificate for exchange 2007 but they are finding it difficult to issue me a certificate because they cant access my domain ie remote.fdm****.co.uk. I have asked my hosting company to create a DNS entry for remote.fdm****.co.uk which they have done and link that to my valid IP address. Do i have to use this address to configure mobile devices as well or do i need a new certificate and dns entry for mail.fdm****.co.uk. Do I need SSL certificate or UCC certificate to achive what I want to do. Please guys help me setting up exchange as I have nevr worked with exchange 2007. Hope to hear from you guys soon. Vik

Hi Yes you should use a SAN cert, that will do that work best Digicert have a nice generator that helps you to create the CSR https://www.digicert.com/easy-csr/exchange2007.htm You should include the following names mail.fdm****.co.uk autodiscover.fdm****.co.uk servername.internaldomain.local Then you need to create an A record for mail.fdm****.co.uk and point it to your server (fw->server) and for autodiscover you can use C name record and point that one to mail.fdm****.co.uk. Make sure you open for HTTPS (443) from external to your serverJonas Andersson MCTS: Microsoft Exchange Server 2007/2010 | MCITP: EMA 2007/2010 | MCSE/MCSA Blog: http://www.testlabs.se/blog

Thanks Janas... Do i have to make anychanges to SBS server as well to generate CRS for mail.fdm****.co.uk autodiscover.fdm****.co.uk servername.internaldomain.local What changes shall i make in exchange server. And for A record and Cname record shall I contact my ISP because I dont have access to DNS of our domin name. I already have SSL certificate for remote.fdml****.co.uk... shall I cancel that and reapply for UCC... Hope to hear from you guys soon... Thanks Vik

Hi You can check this article and follow the steps that you need to do like configuring address, authentication etc. http://www.isaserver.org/tutorials/Publishing-Exchange-2007-OWA-Exchange-ActiveSync-RPCHTTP-using-2006-ISA-Firewall-Part4.html The only change you need to make is this above, addresses and authentication, then it's dns and fw changes and requesting certificates Yes you can include remote name in the SAN cert also, that's the best option you have here Jonas Andersson MCTS: Microsoft Exchange Server 2007/2010 | MCITP: EMA 2007/2010 | MCSE/MCSA Blog: http://www.testlabs.se/blog

Thanks for your reply Janas.... I have gone through the link but I am able to make changes on exchange... to be very honest i never work with exchange 2007 moreover I dont have isa installed I have watchguard x55e. Thanks Vik... PS. Jasan sorry to ask you but where r u based...is it possible to have a word with you.... thanks

Send over your emailaddress , i can give you a almost step-by-step how to do it I'm based in SwedenJonas Andersson MCTS: Microsoft Exchange Server 2007/2010 | MCITP: EMA 2007/2010 | MCSE/MCSA Blog: http://www.testlabs.se/blog

my email address is vikramsokhi@gmail.com.... My setup is SBS2008 with exchange 2007. I am based in London... I can call you if you dont mind. Thanks Vik