After an SSL certificate has been installed on an Exchange Server 2010 server you can assign different Exchange services to use that certificate.
To assign a service to a certificate launch the Exchange Management Console. Navigate to Server Management, and select the server that has the certificate installed.
If you encounter an error message of “The certificate is invalid for exchange server usage“ see this article for the solution.
Right-click the certificate you wish to assign and choose Assign Services to Certificate.
Click Next to continue the wizard.
Choose the services you wish to assign to the certificate. In this example I am choosing IIS so that the certificate can be used for OWA, ActiveSync, etc.
Click Assign to execute the change.
When the task has completed successfully click Finish to close the wizard.
The certificate will now appear with the chosen services assigned to it.
About Paul Cunningham
Hi Paul first let me say great website and Book. I have an issue possibly in regards to this issue. I have inhereted a position where my first project is to complete the 2010 migration from a mixed exchange environemnt. Here is my issue. I am recieving the error message “Security Alert [CAS-SVR2007.domain.com] The name on the security certificate is invalid or does not match the name of the site” The user in question is a user recently migrated to 2010 mailbox data base. I’m not sure why its looking at the 2007 CAS server when the mail box has been migrated to 2010.
old system: 2003 backend –> CAS-SVR2007 Frontend. New System: EX0A-EX0B (DAG configured), EX0B CAS 2010. SAN ctertificate is configured for new exchange system
Hi Brian, if you’ve got both Ex2007 and Ex2010 CAS in the same AD Site then Outlook 2007/2010 clients can and will connect to either one for various web services (eg Autodiscover, Availability) under different scenarios.
Putting a trusted cert on the CAS would be the simplest fix. If you have an internal CA you can just issue the cert from there.
Do we need to restart IIS after the service has been assigned to a certificate for owa, Activesynch etc?
What is the syntax of the entry into a mobile device to attach via activesynch?
Do we need to restart IIS after the service has been assigned to a certificate for owa, Activesynch etc?
What is the syntax of the entry into a mobile device to attach via activesynch?