RSS Feed
Knowledgebase : Comodo Certification Authority > Certificates > SSL > SSL Technical FAQs > Unified Communications Certificates
DESIGNED EXCLUSIVELY FOR MICROSOFT EXCHANGE AND OFFICE COMMUNICATIONS INFRASTRUCTURES, COMODO'S UNIFIED COMMUNICATIONS CERTIFICATES ALLOW A SINGLE CERTIFICATE TO PROVIDE SSL-SECURED COMMUNICATIONS FOR MULTIPLE DOMAINS AND MULTIPLE HOST NAMES OPERATING ON A SINGLE IP ADDRESS. WHAT DOMAINS SHOULD I INCLUDE IN MY UCC CERTIFICATE ? Currently, All CAs are issuing UC certificates with fully qualified domain names (FQDN) only as per the CA/B Forum. Certificate requests with non-fully qualified nam...
WHAT SHOULD I USE AS MY 'PRIMARY' COMMON NAME? Your primary common name in a Unified Communications Certificate should be the main URL used to access the server (normally an FQDN external domain). For compatibility with older mobile devices it is recommended that you use the URL that your mobile devices connect to as the primary common name. For more information on the Office Communications Server 2007 Certificate Wizard and installing certificates for Office Communications Server, see the ...
Requesting a replacement UCC certificate If for whatever reason you find yourself in need of a replacement UC Certificate (requested for the incorrect domain names, server failure, Unable to export / backup the certificate, extra domains required, etc.) and you wish to request that we replace this for you please follow the below steps. Insure you have read and understand the UCC articles entitled: * Generating your Unified Communications Certificate (UCC) CSR * What should I use as my P...
The Unified Communications Certificates are Licensed for unlimited physical servers.
Enable-ExchangeCertificate : The certificate with thumbprint XXXXXXXXX was found but is not valid for use with Exchange Server (reason: PrivateKeyMissing). At line:1 char:27 + Enable-ExchangeCertificate -Thumbprint XXXXXXXXX -Services "IIS" The above error can as a result of multiple reasons. CSR was created with IIS and attempted to be installed through the Exchange Management Shell (EMS), CSR was created in EMS on another Exchange Server, a damaged certificate, or Windows simply "forge...
Enable-ExchangeCertificate : The certificate with thumbprint XXXXXXXXX was found but is not valid for use with Exchange Server (reason: PrivateKeyMissing). At line:1 char:27 + Enable-ExchangeCertificate -Thumbprint XXXXXXXXX -Services "IIS" The above error can as a result of multiple reasons. CSR was created with IIS and attempted to be installed through the Exchange Management Shell (EMS), CSR was created in EMS on another Exchange Server, a damaged certificate, or Windows simply "forge...
You will need to use the below command to assign/enable services to any existing certificate on the server that is correctly installed and has a matching private key. EXAMPLE COMMAND(S): Exchange 2007: ENABLE-EXCHANGECERTIFICATE -THUMBPRINT $THUMBPRINT -SERVICES "POP, IMAP, IIS, SMTP" Exchange 2010 and 2013: ENABLE-EXCHANGECERTIFICATE -THUMBPRINT $THUMBPRINT -SERVICES POP, IMAP, IIS, SMTP NOTE: The lack of quotation marks on Exchange 2010 on the -SERVICES Flag! You will need to re...
Microsoft ISA Server and SAN Certificates ISA Server 2006 SP1 includes Support for certificates with multiple Subject Alternative Name (SAN) entries in published web servers. Previous to this release this is not correctly support by ISA servers. Please insure that you are using ISA Server 2006 with Service pack 1 installed if you wish to take advantage of Subject Alternative Name (SAN) entries in your certificate.
INTERNAL NAMES NOTE: You can no longer include internal names/reserved IP address in your certificates. All publicly trusted SSL Certificates issued to internal names and reserved IP addresses will expire before November 1, 2015. WHAT SUBJECT ALTERNATE NAMES (SANS) SHOULD BE INCLUDED IN AN EXCHANGE 2010 CERTIFICATE? Finding the SANs that need to be included in your Unified Communications (UC) Certificate for Exchange 2010 has been simplified. You can use the Microsoft Exchange Certificate Wiz...
Question: Why does my old cert show for OWA even though I replaced it? Answer: This typically happens when a certificate is installed via the Exchange Management Shell. (EMS) When installing a cert via the EMS, you don't have the ability to specify the website the certificate is being used on, so you must tell IIS to use the right certificate via the IIS Manager. IIS 6 1. Right-Click on the website that contains the OWA folder. 2. Click on Properties. 3. Click on the Directory Sec...
INTERNAL NAMES NOTE: You can no longer include internal names/reserved IP address in your certificates. All publicly trusted SSL Certificates issued to internal names and reserved IP addresses will expire before November 1, 2015. WHAT SUBJECT ALTERNATE NAMES (SANS) SHOULD BE INCLUDED IN AN EXCHANGE 2010 CERTIFICATE? Finding the SANs that need to be included in your Unified Communications (UC) Certificate for Exchange 2010 has been simplified. You can use the Microsoft Exchange Certificate Wiz...