HELP. Certificates Service on Exchange Server box?
Hi guys. need a suggestion.
I attempt to configure the OWA on my testing exchange server 2003 box. I make the OWA using SSL with FBA. however, i need to import a secure certificate.
If i understand correctly, I would get a third-party certificate or install an internal certificate service server.
I choose to install a certificate service. However, I am not sure where to install on.
I currently have 3 servers boxes. 1 ISA, 1 DC, 1 exchange.
Where do i install? What is a good practice on installing OWA with SSL?
I love to learn more about exchange server.
thank you so much.
I attempt to configure the OWA on my testing exchange server 2003 box. I make the OWA using SSL with FBA. however, i need to import a secure certificate.
If i understand correctly, I would get a third-party certificate or install an internal certificate service server.
I choose to install a certificate service. However, I am not sure where to install on.
I currently have 3 servers boxes. 1 ISA, 1 DC, 1 exchange.
Where do i install? What is a good practice on installing OWA with SSL?
I love to learn more about exchange server.
thank you so much.
mean people SUCK !!! BACK OFF !!!
The Next Stop is, MCSE 2003 and CCNA.
Bachelors of Technology in 1 More Year.
-Working on CCENT. Thank you my love
The Next Stop is, MCSE 2003 and CCNA.
Bachelors of Technology in 1 More Year.
-Working on CCENT. Thank you my love
Comments
-
garv221
Member Posts: 1,914
you can create your own certificate through exchange or through a third party.
http://www.msexchange.org/tutorials/Creating-Certificate-OWA2003-SelfSSL.html -
dtlokee
Member Posts: 2,378 ■■■■□□□□□□
One issue you can run into with creating your own CA is it won't be trusted by anyone outside your comapny. This will result in those pesky certificate warnings being generated when clients outside the comapny (people working from home, for example) connect to the OWA server.The only easy day was yesterday! -
taktsoi
Member Posts: 224
garv221 & dtlokee
This is an excellent information. I will look into it. Thank you so much.
I wouldn't mind that i got a pop up for the security alert warning everytime. I just wanna have my own test exchange box at home. I love testing features and learn more about server stuffs. i know about TOS. but i don't run a heavy messaging traffic. So i believe this is alrite.
I just registered a real domain for $30 including a custom DNS for 1 year. i already open port 25 for incoming and use smart host from my ISP.
i just don't have an antivirus/ antispam installed on this box. I also need to configure security settings. Should i add a transparent firewall between my exchange box and vlan switch? I got a dlink transparent firewall from my friend.
What else do i need to setup????
Thank you guys.[/i]mean people SUCK !!! BACK OFF !!!
The Next Stop is, MCSE 2003 and CCNA.
Bachelors of Technology in 1 More Year.
-Working on CCENT. Thank you my love -
garv221
Member Posts: 1,914
Typically the best setup is to have an edge server (SMTP Relay) in a DMZ w/spam protection on that. The edge server is still behind a firewall but in a DMZ. The edge server then relays email to your internal exchange server thus keeping your internal Exchange server or any server from having mapped ports to the internet.
-
seuss_ssues
Member Posts: 629
We use our own certs for some intranet stuff.
You can get around the issue by adding the cert to the clients(your) certificate store. This can also be accomplished manualy or through a group policy.
Just google it if your interested, there are plenty of guides.