Do I need two certificates??? One for the internal Hub Transport Servers and one for the Edge Transport Servers in the DMZ?
Our big concern right now is the internal certificate, since it's the one (Hub Transport Server) giving us errors. Perhaps I should just use our internal CA to replace the Hub Transport Self Signed Certificate and purchase a separate certificate from certificatesforexchange for our (DMZ) Edge Transport Servers? Or, would one certificate placed in the right place take care of Hub Transports and Edge Transports? From: James Kerr [mailto:cluster...@gmail.com] Sent: Wednesday, September 23, 2009 1:00 PM To: MS-Exchange Admin Issues Subject: Re: Exchange 2007 Certificates You can buy a cert from certificatesforexchange.com for $30 or a UCC cert for $60 (its cheap, just do it!). No you don't have to remove the old cert, you just install and enable the new cert for the services you want to use it for. James ----- Original Message ----- From: McCready, Rob<mailto:rob.mccrea...@dplinc.com> To: MS-Exchange Admin Issues<mailto:exchangelist@lyris.sunbelt-software.com> Sent: Wednesday, September 23, 2009 12:49 PM Subject: Exchange 2007 Certificates We are currently using an Exchange 2007 self signed certificate that will soon expire. Since we have a small amount of users that are getting a hub transport certificate error anyway, we just planned on replacing the self signed certificate with one from our own internal CA. Is that a big deal? Should we look at an external CA instead? Would I need to remove the self signed certificate BEFORE installing the new certificate? Anybody else been through this? Enough questions? Thanks all, Rob
