Exchange Server SSL Certificate Authority Change

An industry wide change is coming to SSL certificates, which will affect Exchange Server and anything else using intranet names. On October 1, 2016 Certificate Authorities must mandatorily revoke all unexpired certificates with subject alternative names corresponding to internal names. The recommended way of securing Exchange Server with an SSL certificate is coming to an end. In the past, a UCC (SAN) certificate was purchased with a common name pointing to the public DNS address, and subject alternative names pointing to internal fully qualified domain names (usually with a suffix ending in .local or .int) to secure internal users. The good news