Apologies for the n00b post but I find new things to worry about every day. I am in need of renewing the Auth Cert on my Exchange 2013 (CU18, also DAG) servers. I have made note that he original one has a null value for CertificateDomains and the same cert thumbprint is used across all servers . When I renew the cert via PS, it sets the CD to the server it was issued from.
Am I correct in assuming during the below PS command that I can set the -DomainName parameters to "Server1, Server2, Server3, Server4, Server5, Server6" with PK exportable and just export/import to all servers without issue? Or am I an idiot? Should it be per server instead of making one cert for all?
New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName “CN= Microsoft Exchange Server Auth Certificate” -DomainName “*.DOMAINNAME.COM” -FriendlyName “Microsoft Exchange Server Auth Certificate” -Services SMTP