I used to be a fan of RapidSSL certificates and used them extensively. I stopped using them because they didn't have their root certificate on mobile devices - this is still the case unless something has changed recently. While it is possible to install the root certificate on the devices when I found I could get cheaper certificates that were already trusted by mobile devices without any additional work it was a simple decision to go elsewhere.
Wildcard certificates can have issues with certain types of mobile devices (particularly older Windows Mobile 5 devices) and need additional configuration for Outlook Anywhere. If your internal domain doesn't match the domain of the certificate then additional configuration of Exchange is required. You will also need to run a split DNS system internally so that the external name can be used internally. If you are using the UM role, then they aren't suitable at all, as the UM roles requires the FQDN of the server to be one of the additional names. Otherwise it simply regenerates a self-signed certificate. Simon. -- Simon Butler MVP: Exchange, MCSE Sembee Ltd. e: [email protected] w: http://www.sembee.co.uk/ w: http://www.amset.info/ w: http://blog.sembee.co.uk/ Need cheap certificates for Exchange, compatible with the iPhone? http://CertificatesForExchange.com/ for certificates from just $26.99. Need a domain for your certificate? http://DomainsForExchange.net/ Exchange Resources: http://exbpa.com/ -----Original Message----- From: Brian Cheung [mailto:[email protected]] Sent: 07 March 2011 14:26 To: MS-Exchange Admin Issues Subject: RapidSSL Wildcard certificate Does anyone here have any experience using RapidSSL wildcard certificate for Exchange 2010 SP1? I've only seen suggestions towards using SAN/UC certificates. --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe exchangelist
