Your company has three offices. Each office has 1,000 users and is configured as an Active Directory
site. Each site connects directly to the Internet.
The network contains six servers that have Exchange Server 2013 installed. The servers are
configured as shown in the following table.
An administrator performs a datacenter switchover by changing the DNS record for
webl.adatum.com to point to the IP address of web2.adatum.com.
Users from Main1 report that when they connect to Outlook Web App, they receive a certificate
warning message.
You need to recommend a solution to ensure that the users do not receive a certificate warning
message when a datacenter switchover is performed.
What should you include in the recommendation?
A.
Three host headers for the Default Web Site on each Client Access server
B.
One certificate that contains all of the external names as subject alternative names
C.
Three certificates that each contains one of the external names
D.
An external URL for each Client Access server set to $null
Explanation:
SAN Certificates (Subject Alternative Names) This type of certificate allows more than a single name
in a single SSL certificate which makes total sense for the new Microsoft products (Lync and
Exchange) because several services are using names and all of them are underneath the same IIS
Web Site. In some Public CA these certificates are also known as UC Certificates.
Reference: Managing Certificates in Exchange Server 2013
I would say B over C for a couple of reasons:
1. It will be cheaper to get one certificate with 3 SAN’s rather than 3 with 1 each.
2. When a failover occurs, they will be using the same certificate as they were before.
3. It will be easier to manage. You will only have to enrol once, you will only have to reenrol once whenever it expires.