I need an SSL certificate for Exchange 2007 and For SharePoint 2010, can I use the same for both?
My internal domain is xyz.int and my external is xyz.co.uk.
I cannot get an SSL certificate granted for xyz.int because externally it only exists for government organizations.
I am also unable to change my internal domain name.
I am getting a GoDaddy Standard Multiple Domain (UCC) SSL certificate for up to 10 Domains.
- xyz01 - netbios name
- xyz - domain name without .int
- SharePointServerName
- sharepoint.xyz.co.uk
- autodiscover.xyz.co.uk
- EmailServerName
- mail.xyz.co.uk
What do you think?
I believe I have to set DNS up so mail.xyz.co.uk resolves internally. However for now I just want to know two things.
Are these the correct items to request for my SSL certificate and can I use the certificate for both my Exchange Server and My SharePoint server?
Is there a reason you can't install certificate services internally, this will allow you to create a certificate yourself for xyz.int and if your internal machines are all on the domain they'll already trust the certificate.
Then you can just get proper externally signed certificates for the external domains.
Microsoft does not recommend NetBIOS names on the UCC cert, but it doesn't necessarily hurt. I can't speak specifically for Sharepoint, but best practices for Exchange you want the following:
You might consider adding what would be the names of additional CAS servers you might use down the road, or the name of the NLB array if you're only using a single server now, so that you won't need to request a new cert from your CA provider.
If you plan on using pop, or imap you may want to consider including smtp., pop., and/or imap. in order to allow them to have separate DNS names and still use SSL.