In this step-by-step video, we demonstrate how to replace the default Single Domain, Exchange 2010 self-signed certificate (or an expired one) with a self-signed multiple domain (UCC) certificate.
In step1 of the Screencast, we check the existing certificates on our Exchange 2010 CAS and generate a new self-signed, Exchange 2010 Multiple Domain certificate:
The new certificate is not trusted both by domain (local) and remote clients. In step2 we export the generated self-signed UCC with its public key:
Step 2 – export certificate
Step 2: Export the generated self-signed UCC with its public key.
Then, we create a new Group Policy, and add the certificate as a trusted root certificate to all domain clients:
Step 2 – create GPO
Step 2: Create a GPO to add a trusted certificate to Domain Clients.
In step 3, we publish the certificate to the web server running OWA:
Step3: Publish Self-signed UCC to OWA site
Step 3: Publish Self-signed UCC to OWA web site.
Then we download and install it on a remote client. The new self-signed UCC certificate is tested by running OWA and configuring Outlook Anywhere on the remote client:
Step3: Import Self-signed UCC Public Key
Step 3: Import Self-signed UCC Public Key.