I was always under the impression it is a good idea to get a SAN cert with the FQDN of the internal Exchange servers but it looks like the forum that makes decisions on certificates will not support the generation of new certificates after 2015 with .local in them. (http://www.digicert.com/internal-names.htm).
What is Microsoft's recommended work around?
↧