Here is the scenario , we are doing migration from Exchange 2003 to Exchange 2010. We have existing certificate called webmail.smtp25.org and we wish to move this over to Exchange 2010.
I think this will be pretty common thing in these type of migrations. One thing I found out supper easy is not to kill yourself to try to share the existing cert and the URL being used to access the webmail. For instance if you are using webmail.yourCompany.com
| webmail.yourCompany.com =Valid Cert = Exchange-2003 Server |
And as soon as you moved first user on Exchange 2010 , accessing Existing URL wont work for the user on Exchange 2010. Here is what I have done couple times to get around this type of issues and make migration pretty seamless to end users (-: …..
I purchased new cert ( GoDady fro $10 bucks) and called it owa.yourCompany.com
| owa.yourCompany.com=New Valid Cert=Exchange 2010 |
I configured this cert on the E210 server and told costumer everyone who gets migrated on E210 will use this link to access their webmail. This made my job supper easy and at the end of the migration I export the cert from E03 imported into E210 and done with migration.
- STEP 1: Export Certificate and Private Key from the IIS 6.0 server
Create an MMC Snap-in for Managing Certificates:
1. Start > run > MMC - Go into the Console Tab > File > Add/Remove Snap-in
- Click on Add > Click on Certificates and click on Add
- Choose Computer Account
- Choose Local Computer
- Close the Add Standalone Snap-in window.
- Click on OK at the Add/Remove Snap-in window
- Open Certificates Console Tree
- Go to Personal
- Right click Certificates
- Choose ALL TASKS
- Select Import to start the Certificate Import Wizard
- Click Browse
- Locate the .pfx file
- Click Open
- Next
- Finish
After this is completed rest of the work is supper easy go to EMC and drill down to server configuration , you will see the certificate there , just assign services to this certificate to finish the work
Resource Links
- https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=SO8306
- http://www.digicert.com/ssl-certificate-installation-microsoft-exchange-2010.htm
- http://technet.microsoft.com/en-us/library/dd351257.aspx
Respectfully,
Oz Casey, Dedeal
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog
http://telnet25.spaces.live.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)
7 comments:
Hello Friends,
During an Exchange 2003 to 2010 transition a legacy namespace is configured for users who are connecting to Exchange 2003 mailboxes. The Exchange Server 2010 SSL certificate includes the legacy name in its Subject Alternative Name field, but this certificate then needs to also be installed on the Exchange 2003 server. Thank you....
Server Auditing Tools
nice
Will the previous certificate work if we migrate to upper version ? The scenario that you have shared made me to think and confused me. You have cleared the doubt in a very easy way. Thanks.
electronic signature FAQ
I too got the same doubt @ Tee Chess.
Exchange Migration
Thanks for sharing great your information with us. We all like it..
Is digital signature for income tax use for account login
You have cleared all the doubt using this valuable post. Its very important for any digital signature franchise
Post a Comment