Certificate Planning in Exchange 2013

by Arman Obosyan 19. March 2014 23:10

Now that we understand the load balancing and namespace planning principles and how clients connect in an Exchange 2013 environment that has Exchange 2007 and/or Exchange 2010 deployed, the proper certificates can be constructed and deployed as part of the upgrade process.

Of course it goes without saying that there are a few rules you should follow in crafting your certificates:

  1. Use as few certificates as possible.
  2. Use as few host names as possible.
  3. Utilize the Subject Alternative Name (SAN) attribute on the certificate.
  4. Use the Exchange Certificate Wizard within the Exchange Admin Center to request certificates.
  5. Deploy the same certificate across all CAS in the datacenter pair.
  6. Deploy Vista SP1 or later clients so that you do not have to worry about the certificate principal name value.

Wildcard certificates are an option as well. A wildcard certificate for *.contoso.com results in a certificate that will work for mail.contoso.com, legacy.contoso.com, and autodiscover.contoso.com namespaces.

To understand what host names should be included in the certificate request, three scenarios will be considered that leverage the architecture principles discussed in the prior articles.

Certificate Planning in Exchange 2013

Continue at source…

Comments are closed

© 2008-2012, Arman Obosyan, Postmaster.GE
Powered by BlogEngine.NET 2.6.0.18
Hosted on Windows Azure and IIS8

About the author

Arman Obosyan is an experienced IT Pro. with over 15 years work experience in Information Technologies sector.

Certified since 2003 year, passed following certifications MCP, MCSA, MCSE, MCTS, MCITP, Exin ITIL and VMware Certified Professional (VCP)

In 2010 Was awarded a Microsoft Most Valuable Professional (MVP)

--------

Disclaimer
The opinions expressed herein are my own personal opinions and do not represent anyone else's view in any way, including those of my employer.



Live Trafic

 

Calendar

<<  August 2014  >>
MoTuWeThFrSaSu
28293031123
45678910
11121314151617
18192021222324
25262728293031
1234567

View posts in large calendar

TextBox