Search This Blog

Monday, November 25, 2013

install / configure exchange 2013 using one public certificate, in two domain space situation

on the positive side, I achieve using one certification to get exchange 2013 working by checking via the microsoft online testing tools.

in a two domain scenario, I mean, for example,  the customer has tophead.net on the internet, but their internal AD domain is tophead.com. and tophead.com belongs to someone else.

the trick to solve the issue is to created an internal AD dns zone tophead.net. eventually we are using split brain dns.

create a dns record for the server in both ad zones like mail.tophead.net and mail.tophead,com

set all exchange 2013 CAS URL to mail.tophead.net , both internally and externally .

so you only buy one certificate for mail.tophead.net

for outlook auto discovery, in the public dns , add service records like _srv_tcp .....

hopefully your dns provider supports that kind of srv records.

I tried to use autodiscover cname, but that doesn't work for me. funny that works for MS O365.



No comments:

Post a Comment