Hi, not sure if anyone has realized this recently, most certificate issuers like Thawte, Verisign, Go-Daddy, can no longer approve Certificate request that contain internal DNS server names. The new Certificate Guidline can be found here:https://www.cabforum.org/Baseline_Requirements_V1.pdf
This creates a small but annoying problem for peopel uses public trusted certificate with their Exchanges. Because the certificate can no longer contain internal address like mailserver.local or mailserver.contoso.int, when users access Outlook internally, they get certificate "Warning" telling them the server name does not match the certificate subject names.
Anyone encounter this issue recently and knows how to by pass it?
