Solved

OWA SSL Security

Posted on 2006-11-21
4
291 Views
Last Modified: 2013-12-04
Hi,

I was researching the setup of OWA with a self created SSL certificate. Before i did anything i forwarded the appropriate ports and attempted to access OWA. It seems to have its own default certificate installed. I was happily able to access my email through https.

The question i have is:

1. Is this default SSL certificate secure.

2. What are the advantages of setting up my own SSL Certificate authority.  As in is there a difference from the defaul certificate ( Im only interested in using it with OWA)

0
Comment
Question by:Danbrasco
  • 2
4 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 230 total points
ID: 17986199
SSL and certificates are not set up by default? someone has either set them up - or your running small business server (that does have certificates installed by default)

>>1. Is this default SSL certificate secure.

As secure as any other SSL certificate - essentially all a certificate does is stop data being sent in "cleartext" SSL certificates are as secure from your OWN CA as they are if you got them from verisign or another online CA.

The Real question should be .......................

Are my certificates as TRUSTWORTHY - well if only you and your staff are going to use it then yes  - if you want to offer your OWA to all and sundry out on the internet than they might trust an Ensign or Verisign certificate MORE than yours.

>>2. What are the advantages of setting up my own SSL Certificate authority.

It takes about 5 mins, when your cert expires you can issue a new one straight away - you can use your own CA for doing other things (like securing internal IP traffic digitally signing emails etc etc)
0
 
LVL 13

Assisted Solution

by:hstiles
hstiles earned 20 total points
ID: 18008486
1 other point to make about self-generated certififcates is that by default your clients won't immediately accept them, unless you set up your own internal certififcate authority for use by internal machines.  Every time someone browses to your OWA website, they'll get an SSL warning informing that the certificate is not from a trusted authority.

You can get certificates from an intermediate authority for not a lot of money nowadays.  E.g. www.instantssl.com  These work without problems almost all of the time.
0
 

Author Comment

by:Danbrasco
ID: 18018685
Thank you for your tips.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 18018822
ThanQ
0

Featured Post

Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

Join & Write a Comment

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Are you using email marketing software? If not, you're missing out on effortless marketing and the reaching of desired conversion rates through email marketing software.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now