The DNS names in the configured URLs of the Exchange virtual directories are relevant for the SSL certificate. Each of these DNS names must be present on the certificate as a SAN (Subject Alternative Name).
This small script lists all configured DNS names of the Exchange 2016 servers. This allows the certificate to be requested and issued accordingly.
# Run in the Exchange Management Shell.
# Start with an empty list so repeated runs in the same session do not accumulate names.
$CertNames = @()
$AllExchangeServers = Get-ExchangeServer
foreach ($ExchangeServer in $AllExchangeServers) {
    # Autodiscover (service connection point)
    $CertNames += (Get-ClientAccessService -Identity $ExchangeServer.Name).AutoDiscoverServiceInternalUri.Host
    # Outlook Anywhere
    $CertNames += (Get-OutlookAnywhere -Server $ExchangeServer).InternalHostname.HostnameString
    $CertNames += (Get-OutlookAnywhere -Server $ExchangeServer).ExternalHostname.HostnameString
    # MAPI over HTTP
    $CertNames += (Get-MapiVirtualDirectory -Server $ExchangeServer).InternalUrl.Host
    $CertNames += (Get-MapiVirtualDirectory -Server $ExchangeServer).ExternalUrl.Host
    # Offline address book
    $CertNames += (Get-OabVirtualDirectory -Server $ExchangeServer).InternalUrl.Host
    $CertNames += (Get-OabVirtualDirectory -Server $ExchangeServer).ExternalUrl.Host
    # ActiveSync
    $CertNames += (Get-ActiveSyncVirtualDirectory -Server $ExchangeServer).InternalUrl.Host
    $CertNames += (Get-ActiveSyncVirtualDirectory -Server $ExchangeServer).ExternalUrl.Host
    # Exchange Web Services
    $CertNames += (Get-WebServicesVirtualDirectory -Server $ExchangeServer).InternalUrl.Host
    $CertNames += (Get-WebServicesVirtualDirectory -Server $ExchangeServer).ExternalUrl.Host
    # Exchange Control Panel
    $CertNames += (Get-EcpVirtualDirectory -Server $ExchangeServer).InternalUrl.Host
    $CertNames += (Get-EcpVirtualDirectory -Server $ExchangeServer).ExternalUrl.Host
    # Outlook on the web
    $CertNames += (Get-OwaVirtualDirectory -Server $ExchangeServer).InternalUrl.Host
    $CertNames += (Get-OwaVirtualDirectory -Server $ExchangeServer).ExternalUrl.Host
}
# Skip empty entries (URLs that are not set) and remove duplicates
$CertNames | Where-Object { $_ } | Select-Object -Unique
With minor adjustments, the script can also be used to detect deviations in the configured host names.
The variable $CertNames contains all configured host names of the Exchange servers. These DNS names can then be used for the certificate.
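One way to do the deviation check mentioned above, as an added example that is not part of the original script: it assumes each host name is recorded together with its server and setting, and that all servers are meant to share one name per setting. The function name Find-HostNameDeviation, the record layout and the sample servers and host names are constructed for illustration.

```powershell
# Added example: report servers whose host name for a setting differs from the
# name most servers use. Assumes one shared namespace per setting.
function Find-HostNameDeviation {
    param([Parameter(Mandatory)][object[]]$Records)

    foreach ($setting in ($Records | Group-Object -Property Setting)) {
        # Compare case-insensitively; an unset URL is reported as '<not set>'.
        $byHost = @($setting.Group | Group-Object -Property {
            if ($_.HostName) { $_.HostName.ToLowerInvariant() } else { '<not set>' }
        })
        if ($byHost.Count -le 1) { continue }   # all servers agree on this setting

        # The most common value is treated as expected; ties are broken by name.
        $sorted   = $byHost | Sort-Object -Property @{ Expression = 'Count'; Descending = $true }, Name
        $expected = $sorted[0].Name
        foreach ($odd in ($sorted | Select-Object -Skip 1)) {
            foreach ($record in $odd.Group) {
                [pscustomobject]@{
                    Setting  = $setting.Name
                    Server   = $record.Server
                    HostName = $odd.Name
                    Expected = $expected
                }
            }
        }
    }
}

# Constructed sample records. In the Exchange Management Shell, build one record
# per value inside the foreach loop instead, for example:
#   [pscustomobject]@{ Server = $ExchangeServer.Name; Setting = 'OWA internal'
#       HostName = (Get-OwaVirtualDirectory -Server $ExchangeServer).InternalUrl.Host }
$sample = @(
    [pscustomobject]@{ Server = 'EX01'; Setting = 'OWA internal'; HostName = 'mail.example.com' }
    [pscustomobject]@{ Server = 'EX02'; Setting = 'OWA internal'; HostName = 'mail.example.com' }
    [pscustomobject]@{ Server = 'EX03'; Setting = 'OWA internal'; HostName = 'ex03.corp.example.com' }
    [pscustomobject]@{ Server = 'EX01'; Setting = 'EWS external'; HostName = 'mail.example.com' }
    [pscustomobject]@{ Server = 'EX02'; Setting = 'EWS external'; HostName = 'Mail.Example.com' }
    [pscustomobject]@{ Server = 'EX03'; Setting = 'EWS external'; HostName = $null }
)

Find-HostNameDeviation -Records $sample | Format-Table -AutoSize
```

A server-specific name or an unset URL found this way is worth correcting before the certificate is requested, so the SAN list only has to cover the shared names.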