
mengler_136249
Nov 12, 2013

SAN SSL Certificate

I'm trying to generate a CSR for my Exchange 2013 deployment with two Subject Alternative Names on it (both asterisk SANs), one for .com and one for .net since we have both. When I input in the SAN field "DNS:.contoso.com DNS:.contoso.net" it accepts it correctly and generates the CSR; however, when I send that to the CA, and it hands me back a certificate, it is missing the field altogether.

 

I found an article saying it was a known issue that has since been resolved in 11.3, but just yesterday, we upgraded to 11.4.1 and I am still noticing the issue. Any help would be appreciated since F5 is fairly new in our organization and I am unsure how to proceed.

 

6 Replies

  • Did you order a UCC cert? If you submit the SAN filled in on a standard cert the CA will remove it when generating the cert.

     

  • I guess I'm not 100% sure what you mean. I am generating the CSR on the F5 itself, and submitting the request to my local authority. This won't handle internet traffic, so we won't be purchasing a certificate from a public authority. We already have that through our TMG server.

     

    Maybe I am just not selecting a certain field, or generating it incorrectly on my CA?

     

  • I think what Dan is asking is if you're specifying with the CA that this is a SAN certificate? It could be that the CA is stripping the SAN information.

     

  • I suppose I have never been aware that is an option? Traditionally, I generate CSRs through Exchange in which you apply SAN to the CSR and then just generate a certificate on the CA by using the web server template. There isn't an option anywhere to specify if it is a standard or UCC or anything like that.

     

  • If you were buying a cert from a public CA you would need to buy a UCC or multi-domain cert. If it is your own CA it's a different story. If you already have the cert on your Exchange server, why not export it with the private key and just import to the F5?

     

  • If the URL of the Exchange is accessed from an outside network, it needs a trusted certificate. It can be achieved by creating a SAN certificate. As you mentioned, it is accessed internally, so it is better to export the private key from the existing Exchange certificate and upload it to the F5 box.
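
One way to pin down where the SAN is being lost, as an added example that is not part of the original thread: it uses the OpenSSL CLI on a workstation rather than the BIG-IP GUI or the poster's CA, and the CN `mail.contoso.com` and the file names are constructed. It builds a CSR with the two wildcard SANs, confirms they are in the request, then signs it twice to show that a signer which does not carry over request extensions issues a certificate with no SAN field.

```shell
#!/bin/sh
# Added example: locate where a SAN is lost between CSR and issued certificate.
# Assumptions: OpenSSL CLI available; CN and file names below are constructed.

# Write a request config carrying the two wildcard SANs from the thread,
# then generate a throwaway key and CSR in directory $1.
make_csr() {
  cat > "$1/req.cnf" <<'EOF'
[req]
prompt = no
distinguished_name = dn
req_extensions = v3_req
[dn]
CN = mail.contoso.com
[v3_req]
subjectAltName = DNS:*.contoso.com, DNS:*.contoso.net
EOF
  openssl req -new -newkey rsa:2048 -nodes -config "$1/req.cnf" \
    -keyout "$1/req.key" -out "$1/req.csr" 2>/dev/null
}

# Print the SAN list of a CSR ($1=req) or certificate ($1=x509); empty if absent.
sans() {
  openssl "$1" -in "$2" -noout -text |
    grep -A1 'Subject Alternative Name' | tail -n 1 | tr -d ' '
}

# Sign with no extension handling: the CSR's requested extensions are ignored.
sign_plain() {
  openssl x509 -req -in "$1/req.csr" -signkey "$1/req.key" -days 30 \
    -out "$1/plain.crt" 2>/dev/null
}

# Sign while explicitly handing the SAN section to the signer.
sign_with_san() {
  openssl x509 -req -in "$1/req.csr" -signkey "$1/req.key" -days 30 \
    -extfile "$1/req.cnf" -extensions v3_req -out "$1/san.crt" 2>/dev/null
}

d=$(mktemp -d)
make_csr "$d" && sign_plain "$d" && sign_with_san "$d"
echo "CSR SANs:        $(sans req  "$d/req.csr")"
echo "plain cert SANs: $(sans x509 "$d/plain.crt")"
echo "SAN cert SANs:   $(sans x509 "$d/san.crt")"
rm -rf "$d"
```

If the CSR line lists both names and the issued certificate lists none, the request itself is fine and the extension is being dropped on the signing side.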