com, pop.exchangeexchange.com, imap.exchangeexchange.com .
Part II: Working with Server Roles
174
This certificate will now be accepted for any of the domains listed. It is not required to have the
NetBIOS or fully qualified domain name (FQDN) of the server. However, it may make configuration
easier if users will be accessing the CAS from internal networks.
Figure 6-6
Putting all of this together, this is an example for our test domain exchangeexchange.com . The external
DNS name is webmail, which is how users access OWA. This request uses a Subject Alternative Name
certificate to provide secure access to Autodiscover.exchangeexchange.com for Outlook 2007 clients:
New-ExchangeCertificate -GenerateRequest:$true -FriendlyName ExchangeExchangeCert -
PrivateKeyExportable:$true -path c:\temp\certreqSAN.req -subjectname ???C=US,
S=Illinois, L=Chicago, O=ExchangeExchange, OU=Information Systems,
CN=webmail.exchangeexchange.com??? -DomainName
webmail.exchangeexchange.com,autodiscover.exchangeexchange.com,pop.
exchangeexchange.com,imap.exchangeexchange.com
Obtaining the Certificate
The process for obtaining the certificate depends on which certificate authority is used. Most services
allow uploading the request file generated in the previous step. Some certificate authorities require pasting
the contents of the request file directly.
Pages:
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273