I'm in the process of moving from Exchange 2003 to Exchange 2010, and I'm having issues with the new SAN certificate when installing it on the Exchange 2003 server for Coexistance. I currently have a standard cert securing my mail.domain.com OWA site, but when I replace it with my newly created SAN cert I can no longer access OWA (Page cannot be displayed - in Google Chrome you get "SSL connection Error"). As soon as I replace the SAN certificate with the old certificate, OWA begins working again. Here is the process I followed: 1.) Create a CSR from within Exchange 2010 (mail.domain.com, legacy.domain.com, autodiscover.domain.com) 2.) Signed the CSR with DigiCert 3.) Downloaded the DigiCert certificate and Completed Pending Request in Exchange 2010 4.) Assigned IIS service to this new certificate in Exchange 2010 5.) Exported the certificate using the GUI on Exchange 2010 Management Console 6.) Copied exported cert to Exchange 2003 server 7.) Installed exported certificate in Personal cert store (local machine) on 2003 Server 8.) Went into IIS -> OWA Site -> Directory Security and Replaced old cert with new SAN cert on 2003 Server 1.

Figured this out... apparently the directions on the Exchange 2010 Deployment Checklist are incomplete at best. Instead of installing the .pfx to the Personal cert store on the 2003 server, you have go directly into IIS and remove the current certificate. Then, go back into the Server Certificate menu and choose "import a .pfx file" and directly import the .pfx you exported from Exchange 2010 directly into IIS. The Deployment Checklist simply tells you to double-click the exported cert to install the .pfx, and to choose "Automatically select store."