We used a Subject Alternative Name (SAN) certificate for our migration from Exchange 2003 to 2010. We did this to support people using the legacy server (2003) and the new server (2010). We chose Entrust from This List and have not had any problems with iPhones, Android, or any other ActiveSync client.
If you are only using Exchange 2010, and you use the same hostname internally as externally, you should be able to use just the single-name certificate. Our server is named EXCHANGE, but our users have always typed "mail.domain.com" for webmail. So, we needed our certificate to be valid for exchange.domain.com, internally, and mail.domain.com, externally.
If your users are going to use the same name internally as externally, you should be fine using the existing certificate.
If you can't do that, a SAN certificate or "Unified Communications" certificate will do what you need.
Also, if you use Entourage for Mac or "Outlook Anywhere", I believe the certificate must be validated by the client or it will either not connect or it will prompt you to accept the certificate every time you log in.
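The name-coverage point in the answer above can be checked before buying or deploying a certificate. The following is an added example, not part of the original answer: it assumes the certificate's DNS names have already been extracted into a list, uses the answer's placeholder hostnames as constructed sample data, and goes slightly beyond the answer by also handling wildcard entries (the three-label minimum for wildcards is a simplification chosen for this example).

```python
"""Check which client-facing hostnames a certificate's DNS names cover."""


def _matches(pattern: str, host: str) -> bool:
    """RFC 6125-style match: '*' is honoured only as the whole leftmost
    label and stands for exactly one label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        # Simplification for this example: refuse wildcards with fewer than
        # three labels (e.g. "*.com"), then compare the remaining labels.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def uncovered_names(cert_dns_names, client_names):
    """Return the client hostnames that no certificate entry matches."""
    return [n for n in client_names
            if not any(_matches(c, n) for c in cert_dns_names)]


# Constructed sample data using the answer's placeholder domain.
CLIENT_NAMES = ["exchange.domain.com", "mail.domain.com"]  # internal, external
SINGLE_NAME_CERT = ["mail.domain.com"]
SAN_CERT = ["mail.domain.com", "exchange.domain.com"]
WILDCARD_CERT = ["*.domain.com"]

if __name__ == "__main__":
    for label, names in [("single-name", SINGLE_NAME_CERT),
                         ("SAN", SAN_CERT),
                         ("wildcard", WILDCARD_CERT)]:
        missing = uncovered_names(names, CLIENT_NAMES)
        print(f"{label:12} uncovered: {missing or 'none'}")
```

Any hostname reported as uncovered is one that clients will fail to validate or will be prompted about.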