Hybrid Deployment and Wild Card certificate

%3CLINGO-SUB%20id%3D%22lingo-sub-69772%22%20slang%3D%22en-US%22%3EHybrid%20Deployment%20and%20Wild%20Card%20certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-69772%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20All%2C%3C%2FP%3E%3CP%3Ei%20have%20a%20hybrid%20deployment%20with%20Exchange%202013%2C%20can%20i%20use%20a%20wild%20card%20certificate%20with%20the%20hybrid%20server%20for%20the%20autodiscover%20and%20hybrid%20records%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-69772%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-70262%22%20slang%3D%22en-US%22%3ERe%3A%20Hybrid%20Deployment%20and%20Wild%20Card%20certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-70262%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20Silva%20for%20your%20support%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-70223%22%20slang%3D%22en-US%22%3ERe%3A%20Hybrid%20Deployment%20and%20Wild%20Card%20certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-70223%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Teka%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EYou%20can%20read%20more%20at%20the%20article%20as%20it%20mention%20%22Use%20as%20few%20certificates%20as%20possible%22%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Flibrary%2Fdd351044(v%3Dexchg.160).aspx%23BestPractices%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Flibrary%2Fdd351044(v%3Dexchg.160).aspx%23BestPractices%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EYou%20can%20use%20more%20than%20one%20certificate%20but%20be%20is%20advised%20to%20use%20a%20few%20or%20just%20the%20Wildcard%20with%20SAN's%2C%20but%20it%20always%20depend%20on%20the%20third%20party%20CA.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-70214%22%20slang%3D%22en-US%22%3ERe%3A%20Hybrid%20Deployment%20and%20Wild%20Card%20certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-70214%22%20slang%3D%22en-US%22%3E%3CP%3Eand%20what%20will%20happen%20if%20i%20used%202%20certificates%201%20for%20the%20hybrid%20server%20and%20another%20one%20for%20other%20servers%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-70206%22%20slang%3D%22en-US%22%3ERe%3A%20Hybrid%20Deployment%20and%20Wild%20Card%20certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-70206%22%20slang%3D%22en-US%22%3E%3CP%3EFor%20best%20experience%20and%20to%20keep%20the%20configuration%20simple%2C%20you%20should%20install%20the%20same%20certificate%20across%20all%20Exchange%20Infrastructure.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-70205%22%20slang%3D%22en-US%22%3ERe%3A%20Hybrid%20Deployment%20and%20Wild%20Card%20certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-70205%22%20slang%3D%22en-US%22%3E%3CP%3EHi%3C%2FP%3E%3CP%3Edo%20i%20need%20to%20install%20the%20new%20certificate%20in%20all%20servers%20or%20only%20the%20hybrid%20server%20and%20keep%20the%20old%20certificate%20on%20the%20other%20servers.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-69781%22%20slang%3D%22en-US%22%3ERe%3A%20Hybrid%20Deployment%20and%20Wild%20Card%20certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-69781%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20for%20your%20support.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-69777%22%20slang%3D%22en-US%22%3ERe%3A%20Hybrid%20Deployment%20and%20Wild%20Card%20certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-69777%22%20slang%3D%22en-US%22%3EYes%2C%20that's%20it.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-69775%22%20slang%3D%22en-US%22%3ERe%3A%20Hybrid%20Deployment%20and%20Wild%20Card%20certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-69775%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20for%20the%20reply%2C%3C%2FP%3E%3CP%3Eso%20i%20will%20import%20it%20as%20*.mydomain.com%20and%20that's%20it%3F%20athen%20i%20point%20autodiscover%20and%20hybrid%20DNS%20records%20to%20it%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-69774%22%20slang%3D%22en-US%22%3ERe%3A%20Hybrid%20Deployment%20and%20Wild%20Card%20certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-69774%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Teka%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EYes%2C%20you%20can%20use%20it%20for%20all%20Hybrid%20deployment.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Contributor

Hi All,

i have a hybrid deployment with Exchange 2013, can i use a wild card certificate with the hybrid server for the autodiscover and hybrid records?

9 Replies
Highlighted

Hi Teka,

 

Yes, you can use it for all Hybrid deployment.

Highlighted

Thanks for the reply,

so i will import it as *.mydomain.com and that's it? athen i point autodiscover and hybrid DNS records to it?

Highlighted
Yes, that's it.
Highlighted

Thanks for your support.

Highlighted

Hi

do i need to install the new certificate in all servers or only the hybrid server and keep the old certificate on the other servers.

Highlighted

For best experience and to keep the configuration simple, you should install the same certificate across all Exchange Infrastructure.

Highlighted

and what will happen if i used 2 certificates 1 for the hybrid server and another one for other servers?

Highlighted

Hi Teka,

 

You can read more at the article as it mention "Use as few certificates as possible"

 

https://technet.microsoft.com/en-us/library/dd351044(v=exchg.160).aspx#BestPractices

 

You can use more than one certificate but be is advised to use a few or just the Wildcard with SAN's, but it always depend on the third party CA.

Highlighted

Thanks Silva for your support