Exchange Server 2010 SSL Cert RPC Server Name

Question

New SSL certificates cannot contain internal server names, starting sometime in 2015. Right now I have a SAN certificate (certificate with a few names on it). Two are external mail.domain.com and autodiscover.domain.com. One is internal server.domain.internal. I have my Exchange server setup to use external domain names for all connections. Everything works, including Outlook Anywhere.

However when connected a new client (Outlook account) the server name that gets filled into the setup is the internal server name. Also when running an AutoConfiguration test in Outlook the internal server name is filled in for RPC server name.

When getting a new certificate I cannot request a certificate that contains an internal name. So I would like to get this fixed as I believe it will cause issues with the certificate not containing the internal name.

I've found this article about Client Access Server Arrays (http://exchangeserverpro.com/exchange-server-2010-cas-array/). Am I on the right page or am I not thinking correctly here.

Answer 1

Following the steps in the article mentioned above did clear my issues. The RPC server name is now the same as the external name. This will allow us to comply with the new SSL certificate requirements and our clients will not experience any certificate errors.