It is assumed you have your SSL wildcard certificate already installed on an Exchange 2010 server.<\/p>\n\n\n\n
We use Windows Server 2008 R2 Datacenter x64 in this example.<\/p>\n\n\n\n
Open Exchange Management Shell as Administrator and get a list of SSL certificates that are available:<\/p>\n\n\n\n
[PS]> Get-ExchangeCertificate\n\nThumbprint Services Subject\n---------- -------- -------\n1F70359DC0BE9CAD58F965A3C110 ...WS. CN=*.example.com, OU=IT Dep, O=Example Comp...\n0F7FF199B11E662621D80700D04F ....S. CN=ExampleDC<\/pre>\n\n\n\nWhen you enable the wildcard *.example.com<\/em> certificate for POP service, you normally get the following error: <\/p>\n\n\n\n
PS]> Enable-ExchangeCertificate -Thumbprint 1F70359DC0BE9CAD58F965A3C110 -Services POP\nWARNING: This certificate with thumbprint 1F70359DC0BE9CAD58F965A3C110 and subject '*.example.com' cannot used for POP SSL\/TLS connections because the subject is not a Fully Qualified Domain Name (FQDN). Use command Set-POPSettings to set X509CertificateName to the FQDN of the service.<\/pre>\n\n\n\nThe same applies to IMAP: <\/p>\n\n\n\n
[PS]> Enable-ExchangeCertificate -Thumbprint 1F70359DC0BE9CAD58F965A3C110 -Services IMAP\nWARNING: This certificate with thumbprint 1F70359DC0BE9CAD58F965A3C110 and subject '*.example.com' cannot used for IMAP SSL\/TLS connections because the subject is not a Fully Qualified Domain Name (FQDN). Use command Set-IMAPSettings to set X509CertificateName to the FQDN of the service.<\/pre>\n\n\n\nSet FQDN for POP service to fix the error: <\/p>\n\n\n\n
[PS]> Set-POPSettings -X509CertificateName exchange2010.example.com<\/pre>\n\n\n\nDo the same for IMAP service: <\/p>\n\n\n\n
[PS]> Set-IMAPSettings -X509CertificateName exchange2010.example.com<\/pre>\n\n\n\nVerify POP settings: <\/p>\n\n\n\n
[PS]> Get-POPSettings\n\nUnencryptedOrTLSBindings SSLBindings LoginType X509CertificateName\n------------------------ ----------- --------- -------------------\n{:::110, 0.0.0.0:110} {:::995, 0.0.0.0:995} SecureLogin exchange2010.example...<\/pre>\n\n\n\nVerify IMAP settings: <\/p>\n\n\n\n
[PS]> Get-IMAPSettings\n\nUnencryptedOrTLSBindings SSLBindings LoginType X509CertificateName\n------------------------ ----------- --------- -------------------\n{:::143, 0.0.0.0:143} {:::993, 0.0.0.0:993} SecureLogin exchange2010.example...<\/pre>\n\n\n\nRestart POP and IMAP services: <\/p>\n\n\n\n
[PS]> Restart-service MSExchangePOP3\n[PS]> Restart-service MSExchangeIMAP4<\/pre>\n\n\n\nSource link:<\/p>\n\n\n\n