Exchange 2019: Determine host names for the certificate

Frank Zöchling

4 years ago

Once an Exchange 2019 server has been configured, an SSL certificate needs to be installed. For the correct configuration of the certificate, the hostnames that are relevant for the certificate must be determined. The following script reads the hostnames from the configured URLs of the virtual directories and displays the corresponding hostnames in the Exchange Management Shell. The script does not perform any configuration and is only used to check the configuration and to help with the configuration of the certificate:

#Getting Exchange FQDNs from configured URLs
#Local Server Name
try {
 $ExchangeServer = (Get-ExchangeServer $env:computername).name
}
catch {
}
#Autodiscover
try {
 $AutodiscoverFQDN = ((Get-ClientAccessService -Identity $ExchangeServer).AutoDiscoverServiceInternalUri.Host).ToLower()
 [array]$CertNames += $AutodiscoverFQDN
}
catch {
}
#Outlook Anywhere
try {
 $OAExtFQDN = ((Get-OutlookAnywhere -server $ExchangeServer).ExternalHostname.Hostnamestring).ToLower()
 [array]$CertNames += $OAExtFQDN
 $OAIntFQDN = ((Get-OutlookAnywhere -server $ExchangeServer).Internalhostname.Hostnamestring).ToLower()
 [array]$CertNames += $OAIntFQDN
}
catch {
}
#OAB
try {
 $OABExtFQDN = ((Get-OabVirtualDirectory -server $ExchangeServer).ExternalUrl.Host).ToLower()
 [array]$CertNames += $OABExtFQDN
 $OABIntFQDN = ((Get-OabVirtualDirectory -server $ExchangeServer).Internalurl.Host).ToLower()
 [array]$CertNames += $OABIntFQDN
}
catch {
}
#ActiveSync
try {
 $EASIntFQDN = ((Get-ActiveSyncVirtualDirectory -server $ExchangeServer).Internalurl.Host).ToLower()
 [array]$CertNames += $EASIntFQDN
 $EASExtFQDN = ((Get-ActiveSyncVirtualDirectory -server $ExchangeServer).ExternalUrl.Host).ToLower()
 [array]$CertNames += $EASExtFQDN
}
catch {
}
#EWS
try {
 $EWSIntFQDN = ((Get-WebServicesVirtualDirectory -server $ExchangeServer).Internalurl.Host).ToLower()
 [array]$CertNames += $EWSIntFQDN
 $EWSExtFQDN = ((Get-WebServicesVirtualDirectory -server $ExchangeServer).ExternalUrl.Host).ToLower()
 [array]$CertNames += $EWSExtFQDN
}
catch {
}
#ECP
try {
 $ECPIntFQDN = ((Get-EcpVirtualDirectory -server $ExchangeServer).Internalurl.Host).ToLower()
 [array]$CertNames += $ECPIntFQDN
 $ECPExtFQDN = ((Get-EcpVirtualDirectory -server $ExchangeServer).ExternalUrl.Host).ToLower()
 [array]$CertNames += $ECPExtFQDN
}
catch {
}
#OWA
try {
 $OWAIntFQDN =  ((Get-OwaVirtualDirectory -server $ExchangeServer).Internalurl.Host).ToLower()
 [array]$CertNames += $OWAIntFQDN
 $OWAExtFQDN = ((Get-OwaVirtualDirectory -server $ExchangeServer).ExternalUrl.Host).ToLower()
 [array]$CertNames += $OWAExtFQDN
}
catch {
}
#MAPI
try {
 $MAPIIntFQDN = ((Get-MapiVirtualDirectory -server $ExchangeServer).Internalurl.Host).ToLower()
 [array]$CertNames += $MAPIIntFQDN
 $MAPIExtFQDN = ((Get-MapiVirtualDirectory -server $ExchangeServer).ExternalUrl.Host).ToLower()
 [array]$CertNames += $MAPIExtFQDN
}
catch {
}
#Make FQDNs unique
try {
 $CertNames = $CertNames | select -Unique
}
catch {
}
write-host "
Autodiscover Hostname: $AutodiscoverFQDN 
Outlook Anywhere Hostname (Internal): $OAIntFQDN
Outlook Anywhere Hostname (External): $OAExtFQDN
ActiveSync Hostname (Internal): $EASIntFQDN
ActiveSync Hostname (External): $EASExtFQDN
OAB Hostname (Internal): $OABIntFQDN 
OAB Hostname (External): $OABExtFQDN
EWS Hostname (Internal): $EWSIntFQDN
EWS Hostname (External): $EWSExtFQDN
ECP Hostname (Internal): $ECPIntFQDN
ECP Hostname (External): $ECPExtFQDN
OWA Hostname (Internal): $OWAIntFQDN
OWA Hostname (External): $OWAExtFQDN
MAPI Hostname (Internal): $MAPIIntFQDN
MAPI Hostname (External): $MAPIExtFQDN
"
write-host "
SANs needed for Certificate:
"
$CertNames
write-host "
Use this Hostname as Common Name (CN): $OWAExtFQDN
"