Exchange 2010: Multiple DNS names in a single Certificate (same domain name)?


I need to bring up an Exchange 2010 server in an organization that already has an Exchange 2007 server. I would like the auto-redirect for the organization to work (i.e. we set up a single DNS name, like, and then the website automagically redirects the user to if their mailbox is in exchange 2007 instead of Exchange 2010).

My experience with Comodo has been thus:

If you request multiple Common Names, the first name request is honored, any alias names in the CSR are ignored. However, Comodo automatically tacks onto your InstantSSL certificate.

I quote from Microsoft documentation on the matter:
"If you’ve done this correctly, then when clients access the Exchange 2010 CAS Server using, and their mailbox is still on Exchange Server 2007, they are silently redirected to, which is actually the Exchange 2007 CAS Server. This therefore means that the current publishing rules on the TMG Server need to be changed as well for this upgrade to work:

1.The Unified Communications certificate has to include the FQDN. Instead of using a new Unified Communications Certificate it is also possible to use a wildcard certificate, which is fully supported in Exchange Server 2010. "

So how do I go about this? I don’t think a wildcard certificate will work in our instance, since (with a free Comodo alias of is already taken :wink:

Purchase a Unified Communications certificate. It will not exhibit the above issue, and will allow you to add as many alternate names to the certificate as required (although you will pay for extras).