Thursday, 12 November 2015

Exchange 2013, 2016 - Single name certificate

Is it possible to configure Exchange 2010, 2013 or 2016 to use a single name certificate?

The answer is yes but I guess you'll want a little more information.

It's possible to configure all your virtual directory URLs, Outlook Anywhere and the AutodiscoverServiceInternalUri to use the same hostname, for example 

Let's say we have configured our namespace for all services to use

The problem comes when Outlook performs autodiscover and needs to connect to because you'll get a certificate warning as is not on the certificate.

To get around this issue, you simply prevent Outlook using this method to find the autodiscover response by removing the A record and enable another method using an SRV record. Using this method, you configure an SRV record which directs Outlook to connect to is not required on the certificate. 

For more information about configuring the SRV method for autodiscover, see here.

No comments:

Post a comment