According to the prerequisite section of Extended Protection when having SSL Bridging, the same SSL certificate must be used on both the Exchange servers and the load balancers. We don't have a certificate on our load balancer; however, our configuration includes the use of both a Web Application Firewall (WAF) and a Mobile Device Management (MDM) system, through which ActiveSync devices synchronize their mailboxes. These systems utilize different SSL certificates compared to those used on the Exchange servers.
My questions are as follows:
- Is the use of different SSL certificates for the WAF and MDM systems, compared to the Exchange servers, considered a form of unsupported SSL Bridging?
- Assuming this configuration is considered unsupported SSL Bridging, would it still be possible to enable Extended Protection as an initial step and then disable it specifically for the ActiveSync virtual directory to avoid compatibility issues?
Thank you in advance for your support and guidance on these issues.