From August 19th 2020, SECTIGO issues SSL certificates with a maximum lifetime of 398 days (13 months) as specified by CA/Browser consortium. SSL certificates with a longer lifetime must be re-issued annually (free of charge). You'll receive reminders via e-mail. SSL certificates issued before August 19th 2020 remain valid until their planned expiry date. Code Signing & S/MIME certificates are not affected and remain valid until their planned expiry date.

Microsoft Exchange server: which SSL to use? What about autodiscover. subdomain?

Symptom: internal access is working properly, but accessing with Outlook from remote locations is showing an error that autodiscover.yourdomain.com is not part of the SSL certificate.

Solution:

Don't use a single domain certificate, but a wildcard or mutli-domain certificate that not only includes "mail.company.com" but also "autodiscover.company.com".

If you have already ordered a single domain certificate, you can use the 14 days money-back-guarantee and replace it with the proper one.


Multi-Domain certificate:

As with a single domain certificate, create the CSR for "mail.company.com". When placing the CSR inside "My InterSSL", add "autodiscover.company.com" as a SAN Slot.


Wildcard certificate:
Simply create a CSR for *.company.com.  The autodiscover. domain will automatically be covered by the wildcard certificate.



White Paper: Understanding the Exchange 2010 Autodiscover Service

https://technet.microsoft.com/en-us/library/jj591328(v=exchg.141).aspx

Was this answer helpful?

 Print this Article

Also Read

Can i obtain a SSL certificate for a server with dynamic IP / DNS / DynDNS address? What about synology.me, myqnapcloud.com, dyndns.org subdomains?

Yes, it is possible to obtain a SSL certificate for dynamic IP based servers. For mail...

SSL Order API

InterSSL offers API access on request, which allows you to perform order automation and SSL...

Is my X.509 certificate (.CRT) matching my private key and CSR files ? - OpenSSL commands for checking ...

You can use openssl to verify, wheter private-key, .CSR and .CRT are matching together: root@my...

PositiveSSL Multi-Domain - How to change approval email address per domain (multidomain)

For example, if "admin@" is selected as approver having main domain specified as "domain.com" and...

ErrorCode:-9009|Message:Vendor returns error:ErrorField:CSR|ErrorMessageThe common name in the CSR does not match the site's domain name

This error may occur when you are re-issuing a certificate and are using a different COMMON NAME...