[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Install SSL Certificate for Outlook Anywhere.

Posted on 2007-10-17
7
Medium Priority
?
1,062 Views
Last Modified: 2012-05-05
Hi,
Can someone please point me to a detailed 'how to article ' on "how to Install a valid Secure Sockets Layer (SSL) certificate from a certification authority - in order to Deploy Outlook Anywhere for Exchange 2007.

Thanks,
P
0
Comment
Question by:prospatho
  • 4
  • 3
7 Comments
 

Author Comment

by:prospatho
ID: 20091770
Can i clarify that we ahve our own CA server.
0
 
LVL 6

Expert Comment

by:patelbg2001
ID: 20091920
right before anyone starts deleting stuff I actually own the copy rights to this pls do not delete!!!!

Thanks
B.

heres  the first procedure

This procedure will require a Windows Server 2003 enterprise CA installed in the xxx domain.
To obtain a new server certificate using the Web Server Certificate Wizard
1.      In IIS Manager, expand the local computer, and then expand the Web Sites folder.
2.      Right-click the Web site for the Exchange front-end services, by default, the Default Web Site, and click Properties.
3.      On the Directory Security tab, under secure communications, click Server Certificate. Use the wizard to request and install the Web server certificate.
4.      In the Web Server Certificate Wizard, select Create a new certificate.
* Note If you installed a certificate during Exchange Setup, select Remove the current certificate on the Modify the Current Certificate Assignment page, and click Next. You can now restart the procedure.
1.      On the Delayed or Immediate Request page, select Send the request immediately to an online certification authority.
2.      Enter the required information on the Name and Security Settings and the Organisation Information pages.
3.      Type the FQDN on the Your Site's Common Name page.  webmailxxx.com 
* Note ISA Server must resolve this name to the Client Access server. The FQDN entered will be used when publishing the Exchange Web client access.
1.      Enter the required information on the Geographical Information page.
2.      Accept the default port of 443 on the SSL Port page.
3.      From the list under Certification authorities, select the correct internal enterprise CA.
4.      Review your request on the Certificate Request Submission page and click Next to submit your request. This will also install the certificate for your Web site.
5.      Click Finish on the Completing the Web Server Certificate Wizard page to close the wizard
0
 
LVL 6

Expert Comment

by:patelbg2001
ID: 20091931
Enable Outlook Anywhere
1.      In the console tree, expand Server Configuration, and then click Client Access.
 
2.      In the action pane, click Enable Outlook Anywhere.
3.      In the Enable Outlook Anywhere Wizard, in the box under External host name, type the external host name, webmailukxxx.com .
4.      Select an available external authentication method.  NTLM authentication. (NTLM only available in isa2006)
 
5.      Do not select box next to Allow secure channel (SSL) offloading - Unless you plan to configure a hardware load balance
6.      Click Enable to apply these settings and enable Outlook Anywhere.
7.      Click Finish to close the Enable Outlook Anywhere Wizard.
* Repeat steps for each client access server client access server in the site
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 6

Expert Comment

by:patelbg2001
ID: 20091934
Installing the SSL Certificate
1.      Select Administrative Tools, Start Internet Services Manager
2.      Open the properties window for the website. You can do this by right clicking on the Default Website and selecting Properties from the menu.   Open Directory Security by right clicking on the Directory Security tab
3.      Click Server Certificate. The following Wizard will appear
4.      Choose to Process the Pending Request and Install the Certificate. Click Next.
5.      Enter the location of your certificate (you may also browse to locate your certificate), and then click next.
6.      Read the summary screen to be sure that you are processing the correct certificate, and then click next.
7.      You will see a confirmation screen. When you have read this information, click next.
8.      You now have a server certificate installed.
9.      Important: You must now restart the computer to complete the install
Open the Properties of the default website and ensure that SSL port contains the number 443 (it should default to this number automatically). Export the certificate including private key and import the certificate to any Client Access servers & ISA 2006 servers, which will be participating in Outlook Anywhere
0
 

Author Comment

by:prospatho
ID: 20098415
Hi Patelbq2001,
Thanks for your procedures. appreciate it and will certainly accept this as a solution!

I have completed the first procedure (in removing and reinstalling a certificate from our CA server), which looks like it has completed a certificate installation.
I may have preempted a bit here as I need to actually configure OWA and get it working before Outlook Anywhere.

Q1. Do I need to install another OWA specific certificate or does the default website one cover all virtual servers
Q2. OWA is isnstalled by default and I have been testing mail flow using interna OWA. I now need to allow migrated users ot access the new 2007 OWA. As i undertand it we need to configure our firewalls to allow traffic through on ports 80 and 443 to our neww 2007 Exchange  server. Is this correct?
Q2.Do you have a simialr procedure that I can follow right throough to configure OWA.
Thanks so much,
P.
0
 
LVL 6

Accepted Solution

by:
patelbg2001 earned 1500 total points
ID: 20137220
Q1. Do I need to install another OWA specific certificate or does the default website one cover all virtual servers? same cert should cover all procedures


Q2. OWA is isnstalled by default and I have been testing mail flow using interna OWA. I now need to allow migrated users ot access the new 2007 OWA. As i undertand it we need to configure our firewalls to allow traffic through on ports 80 and 443 to our neww 2007 Exchange  server. Is this correct? Yes


Q2.Do you have a simialr procedure that I can follow right throough to configure OWA. Yes... I need to dig it out for you

sorry for the delay
B.
0
 

Author Comment

by:prospatho
ID: 20174999
Hi Patel,
Thanks for answering Q1&2.
if you do have anythhing for configuring OWA...
Cheers,
P.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Suggested Courses
Course of the Month18 days, 14 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question