Does Exchange 2010 server require 3 external IP addresses?

Mint asked:

I’v just started looking into buying a new cert to upgrade from our 2003 SBS server to Exchange 2010.

Since Exchange 2010 uses 3 (in our case) subdomains then would that mean we need to have 3 external IP addresses too?

As each of these domains are used both internally and externally.

mail.company.com
autodiscover.company.com
legacy.company.com

Or am I missing something?

I know with web servers you can use SNI to get multiple certs on one IP, but I also know that this isn’t supported to well with older browsers, thus people tend to not use SNI.

My answer:


Only if you need to support Windows XP/2003 clients must you avoid SNI. Vista/2008 and later have full support for SNI. For more, see Multiple SSL domains on the same IP address and same port?

You could also use a wildcard certificate, or a certificate using multiple subject alternate names, sometimes marketed as a “unified communication” certificate; such a certificate would allow you to continue using a single IPv4 address.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.