This is interesting. Please clarify, so if the internal Exchange hostname (Exchange 2010) is referenced as mail.domain.local, and we install a 3rd party cert on the server for the external hostname extmail.domain.com, again assuming both names are pointing to the same server, Outlook would know this and not have issues? Or am I reading that incorrectly?
From: [email protected] [mailto:[email protected]] On Behalf Of Michael B. Smith Sent: Monday, June 22, 2015 12:18 PM To: [email protected] Subject: RE: [Exchange] Fwd: Internal / external certs Whoa. Hold on. Outlook “knows” when it is connecting to an internal address via an external address. For internal addresses, Outlook will use a self-signed cert. It’s only external connections that need a third-party cert. That being said, I prefer split-brain DNS. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Steve Ens Sent: Monday, June 22, 2015 1:11 PM To: Micheal Espinola Jr Subject: RE: [Exchange] Fwd: Internal / external certs Plus one. On Jun 22, 2015 11:40 AM, "Richard Stovall (RDI)" <[email protected]<mailto:[email protected]>> wrote: Split brain DNS, as much as Ben hates it, may be your answer here. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Candee Sent: Monday, June 22, 2015 12:21 PM To: [email protected]<mailto:[email protected]> Subject: [Exchange] Fwd: Internal / external certs Hi everyone. I am updating our Exchange certificates, and we can no longer use our internal .local. There are no plans to change our AD; so I'm trying to find the best way to do this. If I just point our internal EWS, etc, to the external URL, is that going to work? I found a few posts that say yes; but a few that say that Outlook Anywhere will stop working. Anyone have any experience with this one? Hints? Thanks!! Candee
