You deploy an Exchange Server 2016 organization. The organization contains two servers.
The servers are configured as shown in the following table.
The default self-signed certificates are installed on both servers.
All of the users in the organization work from home and from customer locations.
You purchase a Layer 7 hardware-based load balancer. You configure SSL bridging without session affinity for
Outlook on the web connections.
The load balancer has an internal fully qualified domain name (FQDN) of Ib1 contoso.local.
DNS servers are configured to resolve mail.contoso.com names to the external IP address of the load
balancer.
You need to recommend which names must be included in the certificates installed on the load balancers and
the Exchange servers.
What should you recommend for each certificate? To answer, select the appropriate options in the answer
area.
Hot Area:
SSL bridging, commonly referred to as SSL initiation, begins the same as SSL offload; inbound SSL connections are directed to the proxy. The proxy then uses the SSL certificate and private key to decrypt the SSL session and allows for the same traffic-inspection capabilities. In using SSL bridging, however, the proxy connects to the Exchange servers using an SSL-protected protocol, ensuring that the network stream between the proxy and Exchange is encrypted as well as secure.
The proxy’s hostname and certificate do not have to be the same as those on the Exchange servers. The proxy device creates a new SSL session independent of the parameters the client uses. This flexibility allows Exchange admins to implement hybrid PKI solutions, where the proxy uses public certificate authority certificates and Exchange servers use internal certificates.
The Answer (for me) should be:
Load balancer: mail.contoso.com
Ex01.contoso.local: Ex01.contoso.local
Ex02.contoso.local: Ex02.contoso.local
Agree