UCC SSL/TLS certificates explained

A Unified Communications Certificate (UCC) is a type of SAN (also known as multi domain) SSL/TLS certificate. A UCC lists a Fully Qualified Domain Name (FQDN) as a common name on the certificate. Each additional domain is listed as a SAN. This is different from a typical SAN certificate, where every single domain is listed as a SAN and there is no common name.

Why does a common name matter?

It is the distinction of a common name that makes a UCC SSL/TLS certificate compatible with Microsoft Exchange Server, Live Communications Server and Microsoft Office Communications Server environments. Both servers can have several functions, internal and external, assigned to different subdomains — all of which can be on a single IP address. The device will look for the common name on the certificate, and then the appended subdomains. Thus, a true SAN certificate is not able to be used. This is because, as mentioned, there is no common name to look for on the certificate — only SANs.

Common usages

A UCC certificate is most commonly deployed on payment gateways, Android devices and Skype servers. Furthermore, it sees widespread usage on Autodiscover. Autodiscover is a service commonly used on the Microsoft Exchange platform due to greatly easing administration. The reason UCC is so widely implemented on Autodiscover is because the service is not compatible with non-UCC SSL/TLS certificates without significant workarounds. Unfortunately, these workarounds are both time consuming and potentially problematic. Thus, the implementation of a UCC SSL/TLS certificate is the safest approach to securing Autodiscover.

How Useful Was This Post?

Let Us Know How We Are Doing - Click A Star To Rate This Post

Average Vote Rating / 5. Vote Count :

No Votes So Far! Be The First To Rate This Post