• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 242
  • Last Modified:

How to setup OWA securely

Hi
i have exchange 2003 and OWA works internally using http. i want to set it up to work externally using https. how do i do this??? i have a checkpoint firewall
0
mikeleahy
Asked:
mikeleahy
  • 4
  • 3
  • 2
1 Solution
 
SembeeCommented:
Purchase an SSL certificate - you can get a 30 day trial certificate from RapidSSL.com - they also have instructions on their web site.
Once you have done that, enable forms based authentication on the HTTP protocol under Servers in ESM. Open port 443 on your firewall and ensure that you have a good password policy. Not really a great deal to it.

Simon.
0
 
merowingerCommented:
Sembee is right....he's always right :)
AddOn: When u have a own certificate authority u can create your own certificate....but its not trusted on each user browsers,
as rapidssl certificates
0
 
SembeeCommented:
I would not call an OWA deployment using a self or home generated SSL certificate secure.

Simon.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
merowingerCommented:
yes its not the best solution, but you dont have to pay something!
0
 
mikeleahyAuthor Commented:
is it secure using a 3rd party cert?? how do i enable forms based authentication on the http protocol . i have only 1 exchange server
0
 
SembeeCommented:
When you can get SSL certificates for US$20 a year, the "savings" of a home grown certificate become noting, once you have trained your staff to accept the SSL certificate and worried about the fall out from the security warnings. A commercial SSL certificate does not have that problem. It also looks more professional.

I gave you the path to forms based authentication in ESM. You simply enable the option.

Simon.
0
 
mikeleahyAuthor Commented:
what cert would do for me i.e. rapidssl, rapidssl wildcard or rapidssl + platinum support.

i have enabled forms based support in ESM. does the certificate have to be installed on each laptop or whats the story ? if forms are enabled, and a cert is on the pc and port is opened then all they have to do is open https:\\mail.xxx.ie\exchange

am i correct

0
 
SembeeCommented:
A standard SSL certificate will be fine - so a standard RapidSSL certificate will be fine. If you purchase a commercial trusted SSL certificate then you don't have to install the certificate on to every device - that is part off the point.

Simon.
0
 
mikeleahyAuthor Commented:
worked great. thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now