i installed the certificate from my exchange 2010 server and it was accepted as valid. it gave an error like in this link http://www.hsuconsulting.com/wildcard-ssl-certificate-exchange-2013-imap-and-pop-error/
but it was accepted as valid.
i changed ECP to connect as webmail.domain.com externally but no other changes. Now i get "The security certificate presented by this website was issued for a different website's address." whenever i try to open ECP.