Whoa. Hold on. Outlook “knows” when it is connecting to an internal address via an external address. For internal addresses, Outlook will use a self-signed cert. It’s only external connections that need a third-party cert.
That being said, I prefer split-brain DNS. From: [email protected] [mailto:[email protected]] On Behalf Of Steve Ens Sent: Monday, June 22, 2015 1:11 PM To: Micheal Espinola Jr Subject: RE: [Exchange] Fwd: Internal / external certs Plus one. On Jun 22, 2015 11:40 AM, "Richard Stovall (RDI)" <[email protected]<mailto:[email protected]>> wrote: Split brain DNS, as much as Ben hates it, may be your answer here. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Candee Sent: Monday, June 22, 2015 12:21 PM To: [email protected]<mailto:[email protected]> Subject: [Exchange] Fwd: Internal / external certs Hi everyone. I am updating our Exchange certificates, and we can no longer use our internal .local. There are no plans to change our AD; so I'm trying to find the best way to do this. If I just point our internal EWS, etc, to the external URL, is that going to work? I found a few posts that say yes; but a few that say that Outlook Anywhere will stop working. Anyone have any experience with this one? Hints? Thanks!! Candee
