Hello,
I want to better understand the autodiscover process when using a CNAME. I have some assumptions, but are they correct?
First scenario:
-autodiscover.mydomain.com is a CNAME and points to autodiscover.subdomain.mydomain.com (reverse proxy with certificate)
-The certificate must have autodisciver.mydomain.com as the subject name, right? Because this is the address which is requested. The autodiscover.subdomain.mydomain.com doesn't have to be included in the certificate?!
So the flow would be: Outlook queries autodiscover.mydomain.com and gets the IP address of autodiscover.subdomain.mydomain.com. Outlook connects to this IP and gets the certificate for autodiscover.mydomain.com and can post the request.
Second scenario:
-autodiscover.mydomain.com is a CNAME and points to autodiscover.outlook.com
-The certificate will not have any of my autodiscover names included.
Here, the process would be: Outlook queries autodiscover.mydomain.com and gets the IP address of autodiscover.outlook.com. Because port 443 is not listening there, outlook checks for redirect options and is redirected to autodiscover-s.outlook.com. Because this is a redirect, the requestet hostname now is autodiscover-s.outlook.com and the certificate name only must match this address.