Question : Multiple trusted certificates on SBS 2008

We've had our customers using Outlook Anywhere for some time without issues. However, an issue has now come to light with one customer who is using SBS 2008. Their remote workers have been using VPN connections to access file shares on the server. So anytime they have Outlook open remotely, they tend to have the VPN connection already in place.

However, we're now moving them over to use Sharepoint for storing and sharing their files - so we've removed their VPN connections. All working fine until someone wants to put their Out of Office on...and it doesn't work.

The reason being that they don't have a certificate for autodiscover.theirdomain.com and the certificate they do have is a single name cert.

Can't believe this hasn't come to light before, but checking round I realise that the majority of Outlook Anywhere users we look after are still using SBS 2003. Those that are using SBS 2008 tend to be office bound - and when they put their out of office on, they tend to be in the office.

I realise I can replace their current certificate with a wildcard one to include the autodiscover hostname. We generally use RapidSSL - $96 for 2 years for single certs, compared to $348 for wildcards. So it's actually cheaper to have two singles than a wild card.

But is it possible to install a separate certificate on SBS 2008 just for autodiscover? Or does the $150 saving not really justify the additional work?

Answer : Multiple trusted certificates on SBS 2008

All Exchange Web Functions are running in one IIS website.
So you can only have one SSL Certificate.

You could try to move parts of Exchange Webfeatures out of that website to attach another SSL Certificate in another website within IIS.
I'd not recommend to do that, this can cause several issues when you try to do further configuration with you SBS tools.

So $150 cost saving in my opinion would not justify the additional work witch would be about several hours that everything keeps working and you've tested everything completely.

Random Solutions

Running the System Update readiness tool.

How do I activate a product key for Windows 7 professional on a pushed machine

Can't locate DBI.pm in @INC

Broken WSUS on SBS 2003 because of MSDE

Intel(R) Celeron(R) D CPU 3.06GHz on a Linux machine

exchange 2010, user has left company, simple way to get all users new emails to different user?

WSUS Clients not reporting to the WSUS console or SBS 2008 Console

limit browsing on xp machine to one web site

Function in excel

Changing hte ip address of the Symantec Endpoint Protection Server