Multiple OWA
Hi
My E2k7 (one mailbox and one CAS/HT on W2K8 SP2) is authoritative for 3 domains, contoso.com, contoso.co.in and acme.co.in. I have one CAS server.
Contoso.com users are able to access the mail through owa from webmail.contoso.com. can i have the same CAS server to facilitate owa for contoso.co.in and acme.co.in?
Can i just buy 2 additional certificate for contoso.co.in and acme.co.in like webmail.contoso.co.in and webmail.acme.co.in and install them on the CAS server? would this solution work?
swamy
August 12th, 2010 9:28am
rather than buying two additional certificates for the other domains, which might work depending on how it was deployed and how many nics you had in your machine, i would instead suggest a far easier route and get one cert that has several SAN (subject
alernative name) records for all your domains. This will allow you to point all three web owa fqdn's at the same box and all will be good on certs.
Digicert has a good web tool to create the Exchange 2007 cert request, including adding the SAN names.
https://www.digicert.com/easy-csr/exchange2007.htm
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. If the post wasn't the exact answer or was helpful in leading you to the answer,
please vote it as helpful. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
August 12th, 2010 9:50am
Hi Scott,
Thanks for the mail.
In the SAN certificate can i use multiple domains? like webmail.contoso.co.id; webmail.acme.com; webmail.tailspin.co.uk?
or the SAN can have only sub domains for the CN(Command Name) like
Webmail.contoso.com
mail.contoso.com
casarray.contoso.com
sync.contoso.com
swamy
August 12th, 2010 1:29pm
Hi
Why not include these (domain)names into a SAN/UC cert?Jonas Andersson MCTS: Microsoft Exchange Server 2007/2010 | MCITP: EMA 2007/2010 | MCSE/MCSA Blog:
http://www.testlabs.se/blog
Free Windows Admin Tool Kit Click here and download it now
August 12th, 2010 2:10pm
HI Joans,
Thanks for the reply.
Until now i didn't know that i can include multiple domains in the SAN, i was under the impresssion that i can only include subdomains like autodiscover.contoso.com, mail.constoso.com, sync.contoso.com ie the anything.CONTOSO.COM
can i include
autodiscover.contoso.com
autodiscover.acme.com
mail.contoso.com
mail.acme.com
webmail.constoso.com
Incase i include the multiple subdomains in the SAN. I have configured OWA external URL to be webmail.contoso.com
how can i configure webmail.acme.com without overrighting webmail.contoso.com???
swamy
August 12th, 2010 6:45pm
Hi All,
The following link has solved my problem. Thanks to all
http://social.technet.microsoft.com/Forums/en-US/exchangesvrdeploy/thread/9ee2337e-1546-4182-933e-e2ceda8f3cfbswamy
Free Windows Admin Tool Kit Click here and download it now
August 12th, 2010 7:33pm
Glad to hear you found a solution!
Thanks for sharingJonas Andersson MCTS: Microsoft Exchange Server 2007/2010 | MCITP: EMA 2007/2010 | MCSE/MCSA Blog:
http://www.testlabs.se/blog
August 13th, 2010 12:32am
Hi Joan,
can i include multiple domains not just subdomains of a single domain? like seen below
autodiscover.contoso.com
autodiscover.acme.com
mail.contoso.com
mail.acme.com
webmail.constoso.com
swamy
Free Windows Admin Tool Kit Click here and download it now
August 13th, 2010 8:51am
Yes you can
Jonas Andersson MCTS: Microsoft Exchange Server 2007/2010 | MCITP: EMA 2007/2010 | MCSE/MCSA Blog:
http://www.testlabs.se/blog
August 14th, 2010 1:33pm
you can use below Exchange Shell command to generate an SAN cert request
New-ExchangeCertificate -DomainName mail.domain1.com, mail.domain2.com, mail.domain3.com -FriendlyName SANexampleCert -GenerateRequest:$True
-Keysize 1024 -path c:\ SANexampleCert.req -privatekeyExportable:$true -subjectName "c=us, o=Padman De Silva, CN=mycompany.com"
in this exapple i have included belowe domain
mail.domain1.com
mail.domain2.com
mail.domain3.com
like wise you can have multiple domain and host records in your SSL, if you are using 3rd Part SSL cert, make sure you take multi domain
SAN cert and all most all certificate sellers provides web based interface to incert your domain names.
-----Cheers
Padman De Silva
Free Windows Admin Tool Kit Click here and download it now
August 14th, 2010 7:59pm