I noticed that when R2 first came out. All Domain setups should be like that. Too many dot coms for local domains. M ----- Original Message ----- From: Michael B. Smith To: MS-Exchange Admin Issues Sent: Tuesday, May 13, 2008 11:26 AM Subject: RE: Exchange 2007 and SSL certs for internal and external use
Interestingly, I just installed SBS 2003 R2 for a new customer yesterday, and the SBS installation wizard actually suggested .local! I was surprised. Regards, Michael B. Smith MCSE/Exchange MVP http://TheEssentialExchange.com From: Don Ely [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 13, 2008 11:47 AM To: MS-Exchange Admin Issues Subject: Re: Exchange 2007 and SSL certs for internal and external use Why ".local"? On Tue, May 13, 2008 at 8:43 AM, Oliver Marshall <[EMAIL PROTECTED]> wrote: We looked at a wildcard cert but that wont work as our internal domain is a .local and externally we are a .com. The users connection settings are pre-filled by Outlook 2007. Is this editable in AD so that we are able to change the server FQDN they connect to? From: Sam Cayze [mailto:[EMAIL PROTECTED] Sent: 13 May 2008 16:19 To: MS-Exchange Admin Issues Subject: RE: Exchange 2007 and SSL certs for internal and external use Another way might be a 'wildcard certificate'. One that handles *.domain.com, www.domain.com, domain.com, mail.domain.com, etc. A little more spendy though... ------------------------------------------------------------------------------ From: Don Ely [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 13, 2008 10:07 AM To: MS-Exchange Admin Issues Subject: Re: Exchange 2007 and SSL certs for internal and external use Split DNS On Tue, May 13, 2008 at 7:41 AM, Oliver Marshall <[EMAIL PROTECTED]> wrote: Hi chaps, I have an Exchange 2007 server here on which we have setup an SSL certificate (in the name of mail.mydomain.com). This works great for users outside using Outlook 2007s Outlook Anywhere feature. However, internal users get a warning stating that the SSL cert name doesn't match the server. It's not the biggest issue, but it's...untidy. What's the best way to handle this? Obviously I can only attach one SSL cert to the Default site in IIS on the Exchange box and the internal domain (mydomain.local) is sufficiently different from the external one (mydomain.com) that we can't get an SSL cert to cover both. Is there a way to create a new IIS site that still points at the same exchange folder structure as the current Default Site but that is set to accept a different hostname? That way I could have one site for the internal users hitting blue-server.mydomain.local and one for the external users hitting mail.mydomain.com and attach a correct cert to both. Can this be done ? Olly ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~
