It's still the norm for SBS. Remember that this is very small business and it's what we always see. For larger networks it depends on what your plans for external access are.
Mike -----Original Message----- From: Kevin Miller [mailto:[EMAIL PROTECTED] Sent: 13 May 2008 22:08 To: MS-Exchange Admin Issues Subject: RE: Exchange 2007 and SSL certs for internal and external use I don't that it was ever official Subscribed, or retracted. Michael b., can you bring this up in the MVP forums and see we can have Nino make a blog post, or get someone to make one? ~Kevinm WLKMMAS powered by 3Sharp, Always WLKMMAS What is your Zombie Plan? -----Original Message----- From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 13, 2008 1:03 PM To: MS-Exchange Admin Issues Subject: Re: Exchange 2007 and SSL certs for internal and external use Not very well though, since it has lingered for years - evn to this day. Was the an "official" retraction? I see .local in my spam filters HELO log all the time. I reject the sessions. On Tue, May 13, 2008 at 3:18 PM, Kevin Miller <[EMAIL PROTECTED]> wrote: > > > > > Somewhere, but we retracted that after a short period of time... > > > > > ~Kevinm WLKMMAS > > powered by 3Sharp, Always WLKMMAS What is your Zombie Plan? > > > > > > From: Barsodi.John [mailto:[EMAIL PROTECTED] > Sent: Tuesday, May 13, 2008 11:35 AM > > > To: MS-Exchange Admin Issues > Subject: RE: Exchange 2007 and SSL certs for internal and external use > > > > > > Wasn't it in early MS guidance for 2000 or perhaps it was 2003, that you use > .local? The concept of split DNS was relatively new, if I remember > correctly. > > > > > > From: Michael B. Smith [mailto:[EMAIL PROTECTED] > Sent: Tuesday, May 13, 2008 11:26 AM > To: MS-Exchange Admin Issues > Subject: RE: Exchange 2007 and SSL certs for internal and external use > > > > Interestingly, I just installed SBS 2003 R2 for a new customer yesterday, > and the SBS installation wizard actually suggested .local! I was surprised. > > > > Regards, > > > > Michael B. Smith > > MCSE/Exchange MVP > > http://TheEssentialExchange.com > > > > > From: Don Ely [mailto:[EMAIL PROTECTED] > Sent: Tuesday, May 13, 2008 11:47 AM > To: MS-Exchange Admin Issues > Subject: Re: Exchange 2007 and SSL certs for internal and external use > > > > Why ".local"? > > > On Tue, May 13, 2008 at 8:43 AM, Oliver Marshall > <[EMAIL PROTECTED]> wrote: > > > > We looked at a wildcard cert but that wont work as our internal domain is a > .local and externally we are a .com. > > > > The users connection settings are pre-filled by Outlook 2007. Is this > editable in AD so that we are able to change the server FQDN they connect > to? > > > > > > From: Sam Cayze [mailto:[EMAIL PROTECTED] > Sent: 13 May 2008 16:19 > > > > To: MS-Exchange Admin Issues > > Subject: RE: Exchange 2007 and SSL certs for internal and external use > > > > > Another way might be a 'wildcard certificate'. One that handles > *.domain.com, www.domain.com, domain.com, mail.domain.com, etc. A little > more spendy though... > > > ________________________________ > > > From: Don Ely [mailto:[EMAIL PROTECTED] > Sent: Tuesday, May 13, 2008 10:07 AM > To: MS-Exchange Admin Issues > Subject: Re: Exchange 2007 and SSL certs for internal and external use > > Split DNS > > > On Tue, May 13, 2008 at 7:41 AM, Oliver Marshall > <[EMAIL PROTECTED]> wrote: > > > > Hi chaps, > > > > I have an Exchange 2007 server here on which we have setup an SSL > certificate (in the name of mail.mydomain.com). This works great for users > outside using Outlook 2007s Outlook Anywhere feature. However, internal > users get a warning stating that the SSL cert name doesn't match the server. > It's not the biggest issue, but it's...untidy. > > > > What's the best way to handle this? Obviously I can only attach one SSL cert > to the Default site in IIS on the Exchange box and the internal domain > (mydomain.local) is sufficiently different from the external one > (mydomain.com) that we can't get an SSL cert to cover both. > > > > Is there a way to create a new IIS site that still points at the same > exchange folder structure as the current Default Site but that is set to > accept a different hostname? That way I could have one site for the internal > users hitting blue-server.mydomain.local and one for the external users > hitting mail.mydomain.com and attach a correct cert to both. > > > > Can this be done ? > > > > Olly > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- ME2 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~
