You can opt to use a self signed cert though: 1.
Users will get a cert warning saying it’s not from a third
party trusted source. You can however; copy the cert and import it into the
trusted root cert authority via GPO. Though this will only bypass the cert
warning for internal computers. 2.
Outlook anywhere will not work What are you trying to do? I’m thinking you want to bypass
the warning message for your clients? James Chong 11130 Sunrise Valley Drive, Suite 300 Reston, VA 20191 From:
exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On
Behalf Of raj nair Well i had read abt the san cert . But i think you
can make it work with the integrated SSL that comes when you install exchange
CAS. As i said if we take " require client certicate"
from iis manager it would connect if we type https:// fqdn of cas
server/owa and other virtual directories. Am i wrong ? Thanks
On Wed, Aug 20, 2008 at 7:50 PM, James Chong <jchong@xxxxxxxxxxxxxx> wrote: For 2007 you use the newssl
that comes with-exchangecertificate cmdlet rather than from IISmgr or through
the browser. You will need to get a third party cert not an internally
generated cert. Securing an Exchange 2007 Client Access Server using a 3rd party
SAN Certificate James Chong 11130 Sunrise Valley Drive,
Suite 300 Reston, VA 20191 From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx]
On Behalf Of raj nair Hello , Using windows 2003 enter edition having exchange 2007 client access server
running on it. SSl comes by default in exchange 2007 i was trying to install a client certificate using certificate services.
Installed enterprise root CA on DC . In the client access server, If i go to
the IIS manager --> directory security tab and clear the checkbox that says
" require client certificate" it works when i connect to owa,
exchange virual directories. From what i understood we need a browser certificate . Have referred some docs on certificate services BUT when i go to http://localhost/certsrv
it comes up with 2 options 1) submit user certifiacte or submit and advanced client certificate Advanced Certificate Request says:
From http://support.microsoft.com/kb/315588/en-us The server side is alreday there . so i think we have to go to the client
certifiacte side. The following is extracted from that doc. What it says in the doc is not coming up. i dont see an option for browser
certificate at all. FROM DOC: Install a Client Certificate
To Issue a Client-Side Certificate To Install a Client-Side Certificate Any help greatly appreciated.! Thanks Raj |