Announcement

Collapse
No announcement yet.

Certs for multiple TS Gateway subdomains in SBS 2011/Exchange 2010

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Certs for multiple TS Gateway subdomains in SBS 2011/Exchange 2010

    We are running Exchange 2010 in SBS 2011. We have a Netgear FVS336 router with dual WAN, and two separate ISPs, set up as a rollover in case the faster one fails. We have a self-signed cert that SBS created when we put the server into production.

    I have two MX records. One points to mail.domain.com, and the other to backupISP.domain.com. Each of these domians points to the appropriate IP address for the WAN connection. I have also configured the router to route from both ISPs to the server. Email comes in on whichever WAN is active with no problems. Users can access OWA and RWA using either mail.domain.com or backupISP.domain.com, whicher is active. However when they try to connect to their computers on the backup ISP, TS Gateway does not permit because the certificate name does not match the URL for the backup ISP. Can I 1. create a second self-signed cert for the backup ISP without disturbing the first, or 2. modify the current cert, or 3. create a new cert that will include both subdomains?

    Thank you for your patience and help.

  • #2
    Re: Certs for multiple TS Gateway subdomains in SBS 2011/Exchange 2010

    You should be using a commercial SSL certificate anyway.
    Create a new certificate through Exchange 2010, including remote.example.com, autodiscover.example.com, backup.example.com.
    Then purchase a UC (unified communications), aka multiple domain, aka subject alternative name certificate. That is not a wildcard certificate. Complete the certiifcate request, but then use the wizard in SBS to add a trusted SSL certificate. That will put it in the right place, including Exchange and TS Gateway.

    http://exchange.sembee.info/2010/ins...sl-sbs2011.asp

    Simon.
    --
    Simon Butler
    Exchange MVP

    Blog: http://blog.sembee.co.uk/
    More Exchange Content: http://exchange.sembee.info/
    Exchange Resources List: http://exbpa.com/
    In the UK? Hire me: http://www.sembee.co.uk/

    Sembee is a registered trademark, used here with permission.

    Comment

    Working...
    X