How to assign wildcard certificate to IMAP service

Modificato il Mon, 09 Dec 2019 alle 02:45 PM

If you have an Exchange installation with Wildcard cert and you try to assign that cert to IMAP service, Exchenge return this error:


WARNING: This certificate with thumbprint <ID> and subject <*.domain.com>
cannot used for IMAP SSL/TLS connections because the subject is not a Fully Qualified Domain Name (FQDN). Use command
Set-IMAPSettings to set X509CertificateName to the FQDN of the service.


From: 

https://docs.microsoft.com/en-us/powershell/module/exchange/client-access/set-imapsettings?view=exchange-ps#parameters


You have to use this powershell command:


Set-ImapSettings -X509CertificateName host.domain.com


There is also the following note: 

For single subject certificates or a SAN certificates, you also need to assign the certificate to the Exchange IMAP service by using the Enable-ExchangeCertificate cmdlet. For wildcard certificates, you don't need to assign the certificate to the Exchange IMAP service (you'll receive an error if you try).



Now check the certificate with openssl (the guide here)


Questo articolo ti è stato utile?

Fantastico!

Grazie per il tuo feedback

Siamo spiacenti di non poterti essere di aiuto

Grazie per il tuo feedback

Facci sapere come possiamo migliorare questo articolo!

Seleziona almeno uno dei motivi
La verifica CAPTCHA è richiesta.

Feedback inviato

Apprezziamo il tuo sforzo e cercheremo di correggere l’articolo