[ExchangeList] Re: Exchange 2007 ssl issue

  • From: Patrick <london31uk@xxxxxxxxx>
  • To: exchangelist@xxxxxxxxxxxxx
  • Date: Fri, 9 Jan 2009 07:15:56 -0800 (PST)

Thanks Michael,
We have not loaded the ssl cert on the cas server. I am about to. Does it matter if we are hosting all exchange services on 1 server?
so what should I look out for?. I know there is a lot of infor out there, but is it such a confusing maze

From: Michael B. Smith <michael@xxxxxxxxxxxxxxxxxxxxxxxx>
To: exchangelist@xxxxxxxxxxxxx; exchangelist@xxxxxxxxxxxxx; msexchange@xxxxxxxxxxxxx
Sent: Friday, January 9, 2009 3:01:43 PM
Subject: [ExchangeList] Re: Exchange 2007 ssl issue

Huge amounts of info on the web for this…


Have you loaded the SSL cert into the CAS? If so, all you need is to do a get-exchangecertificate to find the thumbprint for the SSL cert you want to use, and then enable-exchangecertificate to enable specific Exchange services to use that cert.


Note that all IIS services are lumped together (OWA, EAS, EWS, etc.)


The default self-signed certificate will continue to be used for SMTP unless you specify “not to” in your enable-exchangecertificate. Be aware, however, that the default lifetime of that certificate is only one year.




Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

I'll be at TEC'2009! http://www.tec2009.com/vegas/index.php


From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Patrick
Sent: Friday, January 09, 2009 9:56 AM
To: exchangelist@xxxxxxxxxxxxx; exchangelist@xxxxxxxxxxxxx; msexchange@xxxxxxxxxxxxx
Subject: [ExchangeList] Exchange 2007 ssl issue


Hi Guys,


I just need a bit of clarity on this. Why MS has decided to change things, beats me. We are looking to publish owa through isa 2006.

Exchange 2007 was installed with the default certificate applied during installation. Now we have created a request for a CA sll which has just arrived.


We are looking to publish owa for start, then move on to other things ie ActiveSync. Now my questing is how you got about this to get things to work.


We already have a dns name called owa.jackmurray.com, which the Certificate was created in, now how do we go about getting this to work, and also would applying this new certificate disbale the default one. Please setps would be very helpful, I am finding it dificult to understand why ms has made thinsg so complicated.








Other related posts: