Hi folks,
I have a server an Exchange server named vmINFRA-EXCH1. It acts as all roles (MB/CA/HT etc). I have internal DNS entry pointing mail.domain.com to the internal IP address of vmINFRA-EXCH1. I also have external DNS entry pointing mail.domain.com to the external IP address of vmINFRA-EXCH1.
I've purchased a certificate from Thawte, for mail.domain.com, domain.com, and autodiscover.domain.com. https://mail.domain.com/owa and /ecp are working fine, and I've left autodiscover disabled for now (I'll enable this later in the year).
The problem I now have is that Outlook users, connected to the internal network and joined to the domain.com AD domain, experience a certificate error when they configure their Outlook and start it up each day. It's because their Outlook always configures itself to vminfra-EXCH1.domain.com, which isn't included in the certificate. I've tried manually reconfiguring the Outlook profiles to point to mail.domain.com, but it always reverts back to vminfra-EXCH1.
Is there a way to change this behaviour, or am I going to have to send back the certificate and get an additional SAN on for vminfra-EXCH1.domain.com? Also, is there any danger of breaking the Exchange IIS virtual directories by forcing all access to mail.domain.com only?
Many thanks,
Alistair