In Part1 we prepared AD and installed the first Exchange Server. This part will be devoted to the installation of the wildcard Exchange certificate.
Let’s start off with determining the “mail”namespace this Exchange organisation will use:
Internal access – Mail.TestCompany.com
External access – Mail.TestCompany.com
Autodiscover – Autodiscover.TestCompany.com
For the sake of simplicity I’ll prefer split-DNS configuration with the same internal and external host names. Autodiscover will be placed on its own site – Autodiscover.TestCompany.com. Therefore I must add to the local (and external as well) DNS zone the following records:
A Mail.TestCompany.com = 18.104.22.168
A Autodiscover.TestCompany.com = 22.214.171.124
Now let’s run ECP (servers/certificates), review the default Exchnage certificates and create a new certificate request.
Don’t forget to type * and . before the domain name.
As we’ll need to submit this request to the local CA let’s open TestCompany-WC.REQ and copy its content.
Then connect to https://dc.testcompany.com/certsrv and submit the requst.
Save the issued certificate to the appropriate location (I’ll save to \\dc\share).
…and assign the wildcard certificate to the appropriate services (we can’t use a wildcard certificate for IMAP and POP).
Finally in IIS console we need to enter the hostname the CAS server we’ll be using for client connections – mail.testcompany.com – and make sure the new certificate is working:
In Part2 of the series of articles on deploying Exchange 2013SP1 we defined a namespace for the Exchnage organisation and installed a wildcard certificate on exch1.testcompany.com. In the next part we’ll proceed with configuring Exchange virtual directories.