I'm doing a planned certificate upgrade on a single Exchange 2010 Server with no changes to the domain and wanted to know if the new certificate will require any client side action on my part. Particularly the concern is remote mobile devices but also local Outlook 2010's.
Asked
Active
Viewed 807 times
1 Answers
0
No. Provided you use the same configuration as exists already, and you are having the certificate issued from a public certification authority which is trusted by the devices (i.e. any main-stream SSL certificate vendor), you don't need to make client-side changes. The client side's trust of the certificate is bootstrapped by its trust of the issuer, which means it will in turn trust the certificate issued to your Exchange Server.
Of course, if you change any settings, you might no longer be compatible with the configuration of your Exchange installation.
Cosmic Ossifrage
- 1,610
- 14
- 23
-
Thanks a ton I would upvote but I'm new. No changes will be made just the Exchange certificate replacement and requisite Exchange Services assignment (IMAP, SMTP) etc. I'll run Get-ExchangeCertificate | FL * before and after to make sure the Services have been applied to the correct Cert. As a side note GoDaddy provides a .crt and Exchange wants a .cer but that's easily converted [link]http://www.networksolutions.com/support/what-is-the-difference-between-a-crt-and-a-cer-file/[link] – Johnny Kessel Sep 12 '14 at 15:10