I have tested the SAN certificate, it is working great with our environment.
But i am facing issue with renewal and using the script with multiple CAS servers on two sites behind same common name. Our Exchange CAS servers are load balanced on KEMP hardware LB. When I run the ACME-Exchange.ps1 script , so sometime it validate all SAN names , and sometime it failed to validate. After some troubleshooting I found that during domain validation it is hitting the other CAS on which script is not running. So I disable the other virtual server (CAS) on LB , and domains were successfully validated. So I was thinking that we cannot automate the certificate renewal in this way, because every time I have to disable the other virtual servers on KEMP.
Anyone else is using the same script for multiple CAS servers behind Load balancer with same common name ???
Our environment is that we have two sites , with same common name :
Mail.pern.edu.pk : Site1_PulbicIP_VIP-LB