Wildcard certificate for Exchange 2010

Hi
I have single exchange 2010 installed. I have installed single domain name on exchange certificate , it expire next month March 2014. I have a plan to buy new Wildcard certificate for the exchange. I access OWA by  ns1.xyz.com/owa  without any
problem but in my local network my outlook giving certificate error because of single domain name on certificate.
My question is what name should be on wildcard CSR? Just put the    " *.xyz.com  " or somting else ? That will work in my local area as well OWA and Outlook anywhere ?

Hi,
According to your description, your internal URLs have the different host name with the external ones.
If you don’t want to change the URLs, we need add the following host names in the certificate:
All the host names in the external and internal URLs including autodiscoverserviceinternalurl;
Autodiscover.smtpaddresssuffix
In this case, SAN certificate is more suitable for your environment than wildcard certificate.
If I misunderstand your meaning, please feel free to let me know.
Thanks,
Angela Shi
TechNet Community Support

Similar Messages

  • Wildcard certificate for Exchange 2013

    Hello!
    I have a testing network with Exchange 2013SP1 and Windows Server 2012R2 domain controller with CA installed.
    For testing purposes I issued a wildcard certificate for my Exch2013 from my local CA using Web server template and installed it on the Exchange server.
    Now when I open, for example, ecp or owa page I'm getting the error stating my certificate is wrong:
    Q1) Is Windows CA capable of issuing a wildcard certificates?
    Q2) If Q1=yes then what can be the cause of the problem?
    Thank you in advance,
    Michael

    Hi Michael,
    Please click Certificate error in IE to view the details about the error. If the error is related to untrusted certificate, please open Internet Explorer, click Settings > Internet Option > Content option > Certificate. In the
    Certificates dialog box, click the Trusted Root Certification Authorities
    tab and check if your certificate is in the list.
    If the certificate is not in the list, we can install the certificate in Trusted root certificate store by the following KB:
    http://support2.microsoft.com/kb/2006728
    If the error certificate is related to mismatch issue, please confirm if this certificate is assigned with IIS service. If not, please enable it with IIS service and restart IIS service to have a try. To double check about the Exchange certificate, we can
    run the following command to check it:
    Get-ExchangeCertificate | FL
    Regards,
    Winnie Liang
    TechNet Community Support

  • Unable to install rollup4 for Exchange 2010 SP3

    Hi,
    I'm unable to install KB2905616 on my multi-role Exchange 2010 SP3 server. The setup wizard gets stuck at "the setup wizard is generating native images for .NET assemblies........"
    I know that this process will take some time to complete but I have waited 10 hours.
    I've tried to reboot the server and restart the setup.
    Exchange is functioning perfectly otherwise.
    Any help would be greatly appreciated :)
    /Søren Emig

    Hi,
    I recommend you check if the anti-virus has been disabled before you start the upgrade process.
    If you didn't ,the update could fail or take an extended amount of time. 
    Also, disable all other third-party apps/plugins that might be installed (like backup agents).
    In addition,the following articles for your reference:
    Install the Latest Update Rollup for Exchange 2010
    When you install an update rollup package, Exchange tries to connect to the certificate revocation list (CRL) Web site. Exchange examines the CRL list to verify the code signing certificate. (To download and view the CRL list, see
    CodeSignPCA.crl.) If Exchange can't connect to the CRL Web site, the following symptoms may occur:
    The installation takes a long time to complete.
    You receive the following message during the installation: Creating native images for .Net assemblies
    When Exchange isn't connected to the Internet, each CRL request must complete before the installation can continue.
    To work around this issue and to reduce installation times, turn off the
    Check for publisher’s certificate revocation option on the server that is being upgraded. Use the following steps:
    Start Internet Explorer.
    On the Tools menu, click Internet Options.
    Click the Advanced tab, and then locate the Security section.
    Clear the Check for publisher’s certificate revocation check box, and then click
    OK.
    After the update rollup installation is complete, select the Check for publisher’s certificate revocation option.
    Generating NGEN images takes longer than expected
    Hope this helps!
    Thanks.
    Niko Cheng
    TechNet Community Support

  • How to set default website for exchange 2010

    I'm unable to launch the Exchange Management Console, and then I read that it's necessary to set the default web site in a particular way, in order for Exchange 2010 Management Console to work:
    http://social.technet.microsoft.com/Forums/en/exchange2010/thread/4d396628-3867-4c95-9541-e0eb021e0135
    However, after setting up Sharepoint, I see that it has modified the default website, and I'd like to ask for specific settings on how the default web site bindings should look (for exchange). Could someone please advise what I need to do to correct it?
    I'm having trouble interpreting what Mike Crowley recommends in the linked post above, in terms of actual steps to the site binding information (which won't mess up what exists).
    Currently it says:
    Type           port         ip address        binding information
    net.tcp                                            
    808:*
    net.pipe                                          
    net.msmq                                         localhost
    msmq.formatname                            localhost
    http            80             127.0.0.1
    https          443            *
    http           80              *
    https          443            127.0.0.1
    It seems the line for http on port 80 is *, which I guess is equivalent to 'all unassigned'. Is the previous http port 80 binding to 127.0.0.1 causing the problem?
    But I'm also supposed to set a Powershell VDir in IIS. Can someone provide steps for that? 

    Regarding SharePoint on Exchange:
    It was not allowed earlier, as documented here:
    http://office.microsoft.com/en-us/sharepoint-portal-server-it/coexistence-and-interoperability-guide-for-sharepoint-products-and-technologies-HA001160777.aspx & here:
    http://support.microsoft.com/kb/825505 but there doesn't seem to be anything more recent than this.  I would work under the assumption it is not supported outside of
    SBS 2011 (which I am not very familiar
    with).
    Mike Crowley
    Check out My Blog!

  • How to do the hard recovery for exchange 2010 (No Restore.env generated)

    enrollment:Windows server 2008 R2, exchange 2010.
    I want to test the fundamentally of eseutil /cc
    so I backup the exchange database by Using the Windows backup, then I restore the database, and no Restore.env be found.But  I found I can run the
    eseutil /r.
    what's happened? 
    1,why No Restore.env generated for exchange 2010 in Windows server 2008 r2?
    2,why I can do the soft recovery after the restoring the database? 
    3, how to do the hard recovery for this situation(No Restore.env )?
    Please click the Mark as Answer button if a post solves your problem!

    Hi Eric,
    From your description, I would like to clarify the following things:
    1. Before performing the restore process, we need to dismount the Exchange databases that we want to restore. If the database is still mounted, the restore process will fail. If the restore process doesn't succeed, Restore.env won't be generated.
    2. It is because the log files are healthy, you can run Eseutil/r and perform soft recovery.
    3. In your case, you can continue to perform the soft recovery.
    For more information about hard recovery and soft recovery, here are some helpful threads for your reference.
    Exchange Server Soft and Hard Recovery
    http://technet.microsoft.com/en-us/library/aa996168(v=exchg.65).aspx
    Exchange Database Recovery – Using eseutil commands (Note: It isn't from Microsoft, please pay attention to refer to it.)
    http://msexchangeguru.com/2009/07/12/exchange-database-recovery-using-eseutil-commands/
    Hope it helps.
    If there any problems, please feel free to let me know.
    Best regards,
    Amy
    Amy Wang
    TechNet Community Support
    " If the restore process doesn't succeed, Restore.env won't be generated. "
    thank you for you reply.The restore process  succeed,otherwise I can't do the soft recovery after the restoring the database,but can't see the restore.env
    Please click the Mark as Answer button if a post solves your problem!

  • Outlook 2007 Clients Cannot Access Free/Busy Calendar info. for Exchange 2010 Mailbox

    Hi:
    I have Outlook 2007 clients that cannot access Free/Busy Calendar info. for Exchange 2010 mailboxes.  They receive error like "...you do not have appropriate permissions..."
    If those same users logon to a machine running Outlook 2010 then they can view the free/busy info. of the other user's mailbox, so I believe the permissions are set correctly on the mailbox to allow the viewing.
    Any insights are greatly appreciated!
    Thank you!
    Bob Herman IT Tropolis

    Hi Herman,
    As you said, it seems users have proper permissions on mailbox.
    Please make sure users has Reviewer permission on Outlook 2007.
    Please try to run Outlook 2007 under safe mode or re-create profile.
    Also try to turn Outlook 2007 to Exchange Online mode from Cached mode.
    Thanks
    Mavis Huang
    TechNet Community Support

  • Configuration for LDAP IP Address and Port for Exchange 2010

    Let's say Exchange 2010 is installed on a computer that is joined to a domain. However, I would like to redirect LDAP authentication to another IP address and another port like how sharepoint implement it below
    http://sharepoint.stackexchange.com/questions/33540/ldap-authentication-connection-string
    Is it possible to do the equivalent for Exchange 2010?
    Note: I would like to do this without installing any Edge Transport server or Microsoft Forefront TMG

    The question I would need to ask is "Why would you need to do this?"  I ask because Exchange requires an Active Directory account for authentication.  That account may have permissions from some other directory (as in a linked mailbox),
    but the account is used to find it.  For SharePoint, you can authenticate to other directories directly.

  • Mails blocked in queue the moment forefront for exchange 2010 started

    Hi,
    We have newly installed Forfront protection 2010 for Exchange 2010 installed in our exchange 2010 Edge Server.
    Mails got struck in the Queue immediatly after the forefront installations.
    Mailflow works properly one we unhook the forefront from Exchange.
    need to enable the forefront. Got struck in these. How to proceed up further.
    Thanks,
    Pradeep

    Hi,
    Please compare your configuration with the following blog or video. These might help.
    http://araihan.wordpress.com/2010/03/15/forefront-protection-2010-how-to-install-and-configure-forefront-protection-2010-for-exchange-server-2010step-by-step/
    http://www.youtube.com/watch?v=b2BgTmeXwUs
    (Note: Microsoft provides third-party contact information to help you find technical support. This contact
    information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.)
    Best Regards,
    Joyce
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • Forefront for exchange 2010 - how long?

    Hi there.
    Read this article: http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-changes-to-forefront-product-roadmaps.aspx
    I would have additional question.
    Our company is MS Gold Partner and we need to renew our yearly license every year around AUGUST.
    We are thinking about changing our SPAM filter external gateway with exchange edge, but as we can see from that article, you Will be unable to renew it license after December 2015.
    I know that Microsoft offers online Forefront protection but that is not option in our case because of data sensitivity.We need an answer how long we Will be able to get updates regarding forefront for exchange 2010 and be licensed ok?
    I guess after 2015 december Forefront Exchange 2010 Will no longer recieve spam updates thru Windows update, right?
    And also engines Will not be updated after that date?
    Is this the correct view and understanding?
    with best regards
    bostjanc

    Hi Bostjanc,
    >>how long we Will be able to get updates regarding forefront for exchange 2010 and be licensed ok?
    I think you must have seen the information below in that blog.
    For current customers, Microsoft will continue to support the subscription through Dec.31, 2015. If customer subcriptions expire before Dec.31, 2015, and annot be renewed because the product is no longer offered, these products will continue to be supported
    through that date in order to provided with customers sufficient time to move to alternative solutions.
    You could also check the following blog.
    License extension for End-of-Life Antigen/Forefront products
    Note: Microsoft provides third-party contact information
    to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
    If the information above still cannot resolve your questions, please contact Microsoft to get definitive answers.
    Best Regards,
    Joyce
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • Forefront protection for exchange 2010 - updates?

    Installed Exchange EDGE server with Forefront Protection for Exchange 2010.
    Installed hotfix update rollup 4 for forefront (I think it's the latest because I haven't found any newer).
    We have basically left everything on default in forefront, and if we take a look on dashboard in gui we see this error message:
    not all the antimalware engines selected in the forefront adminstration console for scanning have been enabled for updates.
    where should we take a look whats not being updated. Please a little help.
    with best regards,
    bostjanc

    Hi.
    Meanwhile I have also found information that it has been retired
    https://social.technet.microsoft.com/Forums/forefront/en-US/400fa485-edc9-499f-8294-c196496437d8/not-all-of-the-antimalware-engines-enabled-for-updates-successfully-updated-at-the-last-attempt?forum=FSENext
    bostjanc

  • Disater Recovery for exchange 2010 plan in Cloud computing

    Hi
    We  are  using exchange 2010  for our messaging solutions.  Please find below our current setup.
    mainsite:  MBX Server ---  1no --> Hyper V host
                    Hub&Cas ----- 1No --> Hyper V Host
                    Edge  ---- 1NO --> Physical
    DR site : MBX,Hub&CAS  -- 1No --> Physical
                   Edge   --- 1no --> physical
    we enabled the DAG  for our Mail box server and its replicating  through a point to point link between our main site with DR site.
    Now we are interested to  enable   our DR (disaster recovery) in MS cloud.  Please let  me know the process  to go further .
    how will  the  DAG or DB  replicate to DR Site in cloud?. how its works?
    much appreciated if any body have  this setup .
    Best Regards
    Jagadeesan.S
    O
    Jags

    Hello,
    Kindly find the 3 types of plan for Exchange 2010 DR site. You can check all 3 plans and select as per your requirement.
    1. Rebuild an Entire Database Availability Group plan
    http://technet.microsoft.com/en-us/library/gg513521.aspx
    2. Site Resiliency in Exchange 2010
    http://www.msexchange.org/articles-tutorials/exchange-server-2010/management-administration/planning-deploying-testing-exchange-2010-site-resilient-solution-sized-medium-organization-part1.html
    3. Exchange 2010 Cross Site DAG Disaster Recovery: Data Center/AD Site failure Part 1
    http://msexchangeguru.com/2012/10/25/exchange-2010-dag-dr/
    Deepak Kotian. MCP, MCTS, MCITP Exchange 2010 Ent. Administrator

  • Transport Rule MessageSizeOver for exchange 2010

    Hi 
    I have an exchange 2010 SP3 RU 3 environment with edge transport server implemented. I want to Have Transport rules to limit message size going outside/coming inside on edge transport.
    I recently found a solution with -messagesizeover switch for new-trasportrule command in exchange 2013. Unfortunately its unavailable in exchange 2010. 
    I am wondering if there is a workaround or update for exchange 2010 to add this functionality.
    Thanks in advance
    Farhad

    Hi,
    On Exchange 2010, there is no MessageSizeOver parameter when you create a transport rule. But you can limit the sending and receiving message size of the whole Exchange organization using the following cmdlet.
    Set-TransportConfig -MaxReceiveSize xxx -MaxSendSize xxx
    If you want to limit the sending and receiving messages size for a specific mailbox, you can use the cmdlet below.
    Set-Mailbox xxx –MaxSendSize xxx –MaxReceiveSize xxx
    Hope it helps.
    Best regards,
    Amy Wang
    TechNet Community Support

  • Uninstall Forefront for Exchange 2010

    I have acquired another spam filter appliance that will used instead of Forefront for Exchange 2010.
    How do I uninstall Forefront for Exchange 2010 without any issues while still using Exchange 2010.
    Basically the email will go through the email appliance filter then to Exchange. I want to deactivate or uninstall Forefront for Exchange with impacting my email services. Is it as simple as just uninstalling it?

    Hi,
    About uninstalling Forefront for Exchange 2010, you could check the following article.
    If spam filtering was enabled, the configurations in the corresponding antispam settings in Microsoft Exchange that were leveraged by FPE will be retained by their Exchange antispam counterparts after FPE is uninstalled. These settings include: Connection
    Filtering, Sender ID Filtering, Sender Filtering, and Reciepient Filtering. To change these configuration settings you will need to modify them through the Exchange management console.
    Uninstalling Forefront Protection 2010 for Exchange Server
    Best Regards,
    Joyce
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • How to test if Spam protection with Forefront for Exchange 2010 works

    Hi there.
    Installed forefront for exchange 2010 on Exchange Edge server.
    We have tested virus protection with creating EICAR, but the question is, is there a way to check if SPAM Works fine, and how to?
    with best regards
    bostjanc

    Hi bostjanc,
    Since this is an issue on the Forefront side, I suggest ask Forefront Forum for help so that you can get more professional suggestions. For your convenience:
    https://social.technet.microsoft.com/Forums/forefront/en-US/home?forum=FOPE
    However, based on my knowledge, use the EICAR antivirus test file is the only built-in method to check whether the Anti-Spam configured correctly.
    You can try to send some test spams to your Exchange server for testing, even if this is a stupid method : )
    Thanks
    Mavis Huang
    TechNet Community Support

  • Support Forefront Protection 2010 for Exchange 2010 SP3

    Hi
    I have a simple question: Is there a full support of FPE 2010 (Version 11.0.727.0) for Exchange 2010 SP3 (and Rollup Updates)?
    Thomas

    Hi,
    It seems that FPE 2010 for exchange 2010 SP3 is supported and you need to install the Rollup 4. For more detailed information, please refer to the link below:
    Hotfix Rollup 4 for Microsoft Forefront Protection for Exchange
    Updates for Microsoft Forefront and Related Technologies
    Hope this helps!
    Susie

Maybe you are looking for

  • ITunes can't find my external hard drive music

    Hello, our computer crashed recently and I have restored Windows Vista and iTunes. All of our music is stored on an external hard drive (drive I). There is a main "iTunes music" folder, and then there are a ton of folders in there that are named by m

  • HTTPService is not working.

    I  have an application in which I send an HTTP request using HttpService.send. It works fine when I run it using FlexBuilder but when I simply open the main.html file in web browser(directly) it stops working. In this case no Http Request is sent and

  • Error in Receiver JDBC communication channel

    Hi friends, I am getting an error in communication channel while inserting xml data into ORACLE database. Error is like "Message processing failed. Cause: com.sap.aii.af.ra.ms.api.RecoverableException: Error processing request in sax parser: Error wh

  • USER Wise UDFs

    Dear All, I have created for example 20  UDFS in marketing document. Out of this i have set 10 UDFs for Sales order to user A. Can i copy the same setting to User B for sales order. Since manually loging in to respective user and setting UDF consumes

  • Digital ı/o problem in mseries 6229 daq card

    In our lab, we have a 6229 M series daq card. We want to send digital output , ( three square waves and their direction values for driving 3 dc motors. We will change pulses or frequencies during application). we tried to send the signals from single