SBS 2008 / Exchange 2007 – Single Common Name SSL Certificate




#Change this value to match the name of the external certificate
#Change this value to match the real name of the server

Get-ClientAccessServer | Set-ClientAccessServer -AutodiscoverServiceInternalUri https://$URLNAME/autodiscover/autodiscover.xml
Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -InternalUrl https://$URLNAME/ews/exchange.asmx
Get-OABVirtualDirectory | Set-OABVirtualDirectory -InternalURL https://$URLNAME/OAB -ExternalURL https://$URLNAME/OAB
Get-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory -InternalURL https://$URLNAME/Microsoft-Server-ActiveSync -ExternalURL https://$URLNAME/Microsoft-Server-ActiveSync
Set-OutlookAnywhere -identity "$computername\RPC (Default Web Site)" -ExternalHostname $URLNAME

Exchange 2007 (none-SBS):
Set-OWAVirtualDirectory -identity "$computername\owa (Default Web Site)" -InternalURL https://$URLNAME/owa -ExternalURL https://$URLNAME/owa

SBS 2008:
Set-OWAVirtualDirectory -identity "$computername\owa (SBS Web Applications)" -InternalURL https://$URLNAME/owa -ExternalURL https://$URLNAME/owa
Set-UMVirtualDirectory -Identity “$computername\unifiedmessaging (SBS Web Applications)” -InternalUrl https://$URLNAME/unifiedmessaging/service.asmx

Run get-exchangecertificate and note the thumbprint on the new certificate (watch out for dublets!)

Run Enable-exchangecertificate -thumbprint <TUMBPRINT> -services SMTP,IIS,POP,IMAP

Run iisreset

Restart the Microsoft Exchange services

Restart Clients Pc’s

Using SRV Record for Exchange 2007/2010 Autodiscover

You can use a SRV record for exchange Autodiscover services, just create a srv record named:

Service: _autodiscover
Protocol: _tcp
Port Number: 443
Host: [Hostname of the server]

Host:, Port 443, host:


You can test the configuration here: choosing Outlook Autodiscover

Change port used by Exchange 2007 / 2010 send connector when using smarthost

Some smarthost providers/smtp relay servers will only allow you to connect to ports other than port 25 or your ISP is blocking outgoing port 25.

In both cases you have to change the SendConnector port, this can’t be done in the exchange management console, so you have to use the Exchange Managment Shell.

List SendConnectors and port nummers:

Get-SendConnector | ft Id*,Sm*s,po*

Change the port for SendConnector:

Set-SendConnector "[SendConnector name]" -port [Port nummer]


Set-SendConnector “OutboundMail” -port 3535