Hi, Our setup: 1 x Windows 2003 server DC, hosting Certificate Services. 1 x Exchange 2003 server DC I have configured a self-signed cert for OWA access. I can access OWA via HTTPS, however, when I access the page using the server name (https://<server>/exchange), I receive a Security Alert where the first and last items are Warnings. That is: Warning- The security certificate was issued by a company you have chosen not to trust... Ticked- The security certificate date is valid Warning- The name on the security certifcate is invalid or does not match... I reference the article on msexchange.org: SSL Enabling OWA 2003 using your own Certificate Authority (http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html) The second warning is entirely valid, however, I do not understand why the RootCA is not accepted as a valid issuing authority (Warning 1) as it is part of AD. I have replicated AD using Sites and Services. The Common Name for the CA is "RootCA.<domain-name>" The Common name for the exchange site is "mail.<domain-name>" Further, and this is not related to the SSL problem, but I am never asked for my Username/password to access the page. An example is shown in the msexchange.org document. Any help would be appreciated. Cheers, Adrian