My SSL certificate is for *.example.com but my internal domain is junk.com. I have an Exchange environment that masquerades as mail.example.com.
This was working from what I could tell for the last year, until I noticed an issue with the Intermediate Certificate Authority, where the certificate installed in IIS6 for the Default Web Server couldn't verify the certificate.
To resolve this, I redownloaded my certificate from my vendor and installed the Intermediate Certificate Authority and SSL certificate. After restarting IIS, people trying to access Outlook Web Access were being met with ERR_SSL_PROTOCOL_ERROR. I put a workaround in place by using a self-signed certificate, but this brings up that "do not trust this certificate" warning. People can continue on to the portal after acknowledging the warning, but that causes confusion for users.
Was I mistaken about how this works? Are you supposed to be able to use an SSL certificate assigned for *.example.com on a different domain like junk.com where the Exchange environment is masquerading as the certificate's domain? If so, how do I get it to work properly?
Looks like what I wanted to do was use host headers in conjunction with an exported copy of my wildcard certificate.
First, I exported my wildcard cert w/ private key from an existing server I already had it installed on and imported it into the Exchange front end server.
Then, in IIS6, I went to the properties for my website and added a host header for my FQDN on port 80.
Then I bound port 443 to the same FQDN using:
After that, I added my wildcard cert and restarted IIS.
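
As an added example (not part of the original post), the sketch below shows the name check a browser applies to a wildcard certificate: the certificate is compared with the hostname in the URL, not with the server's internal domain. It is a simplified form of the RFC 6125 matching rules, and exchfe01.junk.com and owa.mail.example.com are constructed hostnames.

```python
# Added example: simplified RFC 6125 wildcard matching, standard library only.

def _labels(name):
    # DNS names compare case-insensitively; ignore a trailing root dot.
    return name.rstrip(".").lower().split(".")

def name_matches(pattern, hostname):
    """True if one certificate DNS name (possibly '*.x.y') covers hostname."""
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h) or "" in p or "" in h:
        return False
    if p[0] == "*":
        # The wildcard stands for exactly one leftmost label; require at
        # least two literal labels after it so '*.com' is never accepted.
        return len(p) >= 3 and p[1:] == h[1:]
    if "*" in pattern:
        return False  # partial or non-leftmost wildcards are rejected here
    return p == h

def cert_covers(dns_names, hostname):
    """True if any DNS name on the certificate covers the requested host."""
    return any(name_matches(n, hostname) for n in dns_names)

CERT_NAMES = ["*.example.com"]  # the wildcard from the question

# Constructed hostnames a client might type into the browser.
SAMPLES = [
    "mail.example.com",      # public name the Exchange front end answers to
    "MAIL.Example.COM",      # same name, different case
    "example.com",           # bare domain: no label for the wildcard
    "owa.mail.example.com",  # two labels deep: wildcard covers only one
    "exchfe01.junk.com",     # hypothetical internal server name
    "junk.com",              # internal domain from the question
]

def report():
    return {host: cert_covers(CERT_NAMES, host) for host in SAMPLES}

if __name__ == "__main__":
    for host, ok in report().items():
        print(f"{host:25} {'match' if ok else 'NAME MISMATCH'}")
```

Only names one label below example.com pass, so the wildcard certificate validates when users reach the site as mail.example.com and fails for any junk.com name.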