Microsoft Exchange server: which SSL to use? What about autodiscover. subdomain?

Symptom: internal access is working properly, but accessing with Outlook from remote locations is showing an error that autodiscover.yourdomain.com is not part of the SSL certificate.

Solution:

Don't use a single domain certificate, but a wildcard or mutli-domain certificate that not only includes "mail.company.com" but also "autodiscover.company.com".

If you have already ordered a single domain certificate, you can use the 14 days money-back-guarantee and replace it with the proper one.


Multi-Domain certificate:

As with a single domain certificate, create the CSR for "mail.company.com". When placing the CSR inside "My InterSSL", add "autodiscover.company.com" as a SAN Slot.


Wildcard certificate:
Simply create a CSR for *.company.com.  The autodiscover. domain will automatically be covered by the wildcard certificate.



White Paper: Understanding the Exchange 2010 Autodiscover Service

https://technet.microsoft.com/en-us/library/jj591328(v=exchg.141).aspx

Was this answer helpful?

 Print this Article

Also Read

How long does it take until HTTP based authentication is verified?

Typically HTTP-based authentication will be done within a couple of minutes. If you think the...

COMODO, PositiveSSL: idAuthority Credentials NOT available for this site

The message "idAuthority Credentials NOT available for this site" can occur with the COMODO or...

Can i obtain a SSL certificate for a server with dynamic IP / DNS / DynDNS address? What about synology.me, myqnapcloud.com, dyndns.org subdomains?

Yes, it is possible to obtain a SSL certificate for dynamic IP based servers. For mail...

What is PRE-SIGN FAILED? What is a CAA record? - DNS Certification Authority Authorization (CAA) Resource Record

The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name...

Windows/IIS/MMC: What do to with "Error HRESULT: 0x80070520"?

In very rare cases this error might show up during installation on Windows Server. The cryptic...