HELP. Certificates Service on Exchange Server box?

taktsoitaktsoi Member Posts: 224
Hi guys. need a suggestion.

I attempt to configure the OWA on my testing exchange server 2003 box. I make the OWA using SSL with FBA. however, i need to import a secure certificate.

If i understand correctly, I would get a third-party certificate or install an internal certificate service server.

I choose to install a certificate service. However, I am not sure where to install on.

I currently have 3 servers boxes. 1 ISA, 1 DC, 1 exchange.

Where do i install? What is a good practice on installing OWA with SSL?

I love to learn more about exchange server.

thank you so much.
mean people SUCK !!! BACK OFF !!!
The Next Stop is, MCSE 2003 and CCNA.
Bachelors of Technology in 1 More Year.

-Working on CCENT. Thank you my love <3

Comments

  • garv221garv221 Member Posts: 1,914
    you can create your own certificate through exchange or through a third party.

    http://www.msexchange.org/tutorials/Creating-Certificate-OWA2003-SelfSSL.html
  • dtlokeedtlokee Member Posts: 2,378 ■■■■□□□□□□
    One issue you can run into with creating your own CA is it won't be trusted by anyone outside your comapny. This will result in those pesky certificate warnings being generated when clients outside the comapny (people working from home, for example) connect to the OWA server.
    The only easy day was yesterday!
  • taktsoitaktsoi Member Posts: 224
    garv221 & dtlokee

    This is an excellent information. I will look into it. Thank you so much. icon_thumright.gificon_thumright.gif

    I wouldn't mind that i got a pop up for the security alert warning everytime. I just wanna have my own test exchange box at home. I love testing features and learn more about server stuffs. i know about TOS. but i don't run a heavy messaging traffic. So i believe this is alrite.

    I just registered a real domain for $30 including a custom DNS for 1 year. i already open port 25 for incoming and use smart host from my ISP.

    i just don't have an antivirus/ antispam installed on this box. I also need to configure security settings. Should i add a transparent firewall between my exchange box and vlan switch? I got a dlink transparent firewall from my friend.

    What else do i need to setup???? icon_scratch.gif

    Thank you guys.[/i]
    mean people SUCK !!! BACK OFF !!!
    The Next Stop is, MCSE 2003 and CCNA.
    Bachelors of Technology in 1 More Year.

    -Working on CCENT. Thank you my love <3
  • garv221garv221 Member Posts: 1,914
    Typically the best setup is to have an edge server (SMTP Relay) in a DMZ w/spam protection on that. The edge server is still behind a firewall but in a DMZ. The edge server then relays email to your internal exchange server thus keeping your internal Exchange server or any server from having mapped ports to the internet.
  • seuss_ssuesseuss_ssues Member Posts: 629
    We use our own certs for some intranet stuff.

    You can get around the issue by adding the cert to the clients(your) certificate store. This can also be accomplished manualy or through a group policy.

    Just google it if your interested, there are plenty of guides.
Sign In or Register to comment.