The problem is not so much with IMAP or SMTP. You can easily use IIS to create separate certificate requests so those services. In the MS Exchange2007 Management Console (GUI) it is pretty easy to select the certificate to use for IMAP SSL connection. For some very odd reason you have to use the Exchange Power Shell (command line) to specify the certificate for the SMTP TLS connection (you have to specify the "thumbprint" of the certificate you want to use.)
Digress: if Microsoft WON"T give you a GUI way to do something, wouldn't it be simpler just so stick with simple configuration files like a lot of unix/linus stuff? I realize the powershell stuff lets to script stuff, which is great for adding 500 users. Anyway, the problem is really with some of MS Exchanges web-based Client Access Services (autoconfigure service, which also handles things like scheduleing )- If you configure outlook 2007 to use "exchange1" it will connect to IIS, get the mismatched certificate, and complain. This gets worse if you have multiple Exchange servers. Re: Confusion about subject alternative names Peter Sylvester Thu, 02 Sep 2010 01:53:49 -0700 Since webmail, imap, smtp(s) all operate on different ports, and you have different listeners, the correct way to me seems to use three certificates with the desired hostnames etc. Having the same IP address doesn't matter in this particular case.