What is an Exchange 2016 Wildcard Certificate and How Does It Work?

Since you searched for something akin to “Exchange 2016 wildcard certificate” or “exchange wildcard certificate,” we can only assume that you’re investigating ways to protect all of your website’s subdomains and are using Microsoft Exchange Server. This could include servers such as Exchange 2010 or Exchange 2016.

Simple enough. We’ll start with a few of the basics and will tell you how a wildcard SSL certificate can benefit your organization.

What’s a Wildcard SSL Certificate?

To understand what a Microsoft Exchange wildcard certificate is, you first need to understand what a wildcard SSL certificate is. A wildcard SSL certificate is a type of X.509 digital certificate that protects your main domain (a fully qualified domain name, or FQDN) and an unlimited number of subdomains on any one level. For example, you can cover your main domain (yourdomain.com) and then include your first-level subdomains by using the asterisk in the URL like *.yourdomain.com. However, you can’t use a wildcard certificate to secure multi-level subdomains on your domain. That would require a multi-domain certificate.
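The one-level rule described above, as an added example that is not part of the original article: a short Python check of which hostnames a certificate's subject alternative names (SANs) cover. The hostnames and SAN entries are constructed samples, and the function names `san_matches` and `coverage` are hypothetical.

```python
# Added example: which hostnames does a certificate's SAN list cover?
# All SAN entries and hostnames below are constructed sample values.

def san_matches(pattern: str, hostname: str) -> bool:
    """Match one SAN DNS entry against a hostname.

    A wildcard is honoured only as the entire left-most label and
    stands for exactly one label, so it never spans a dot.
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels) or "" in h_labels:
        return False
    head, rest = p_labels[0], p_labels[1:]
    if any("*" in label for label in rest):
        return False  # a wildcard anywhere but the left-most label is rejected
    if head == "*":
        # Need a real domain after the asterisk (rejects "*.com").
        return len(rest) >= 2 and rest == h_labels[1:]
    if "*" in head:
        return False  # partial wildcards such as "m*il" are rejected here
    return p_labels == h_labels


def coverage(san_list, hostnames):
    """Return {hostname: True/False} for coverage by any SAN entry."""
    return {h: any(san_matches(s, h) for s in san_list) for h in hostnames}


# Constructed SAN list: the wildcard plus the main domain as its own entry.
SAMPLE_SANS = ["*.yourdomain.com", "yourdomain.com"]

# Constructed hostnames an Exchange deployment might publish.
SAMPLE_HOSTS = [
    "yourdomain.com",
    "mail.yourdomain.com",
    "autodiscover.yourdomain.com",
    "owa.mail.yourdomain.com",  # two levels deep: not covered
]

if __name__ == "__main__":
    for host, ok in coverage(SAMPLE_SANS, SAMPLE_HOSTS).items():
        print(f"{host:32} {'covered' if ok else 'NOT covered'}")
```

Running the same check against the list of names your clients actually connect to, before you buy or renew, shows whether any of them sits a level deeper than the wildcard reaches.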

But What Makes a Wildcard Certificate an “Exchange Wildcard Certificate” Specifically?

Really, there’s no real differentiation between an “Exchange 2016 wildcard certificate” and a standard one. An Exchange wildcard certificate is just a regular wildcard SSL certificate that you install on a Microsoft Exchange server. Or, in the case of an Exchange 2016 wildcard certificate, an Exchange 2016 server.

That’s pretty straightforward, isn’t it? Yeah, we think so, too. But here’s a little more context to help you understand why people sometimes differentiate Exchange wildcard SSL certificates from standard wildcard SSL certificates.

Historically, there were SSL certificates that were specifically designed for use on Microsoft Exchange and Communications servers — those are known as UCC, or unified communications certificates. These certificates cover multiple domains as well as an unlimited number of multi-level subdomains. These types of certificates fall under the umbrella of multi-domain SSL certificates.

Nowadays, however, you no longer have to operate under these restrictions. You can use regular multi-domain or multi-domain wildcard certificates on just about any server, including Microsoft Exchange and Office Communications servers.

Rules of Thumb When Using Exchange Wildcard Certificates

There are a few best practices that are beneficial when using wildcard SSL certificates on your Exchange 2010 or 2016 servers.

  • Choose a reputable certificate authority. There are a lot of companies and organizations out there that offer free or commercial SSL certificates. Just be wary of choosing the wrong one for your organization. Do your research to ensure that the certificates are coming from a CA that is trusted within the industry.
  • Use CA-signed certificates on client- and external-facing servers and connections. You should avoid using self-signed certificates — ones that are not signed by a certificate authority — on any external sites. It’s best to opt for CA-signed certificates because they’re automatically trusted without any additional configurations required.
  • Use as few certificates as possible. This is a certificate management best practice in general, but it applies to these certificates as well.

