• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 194
  • Last Modified:

Do I need to purchase a certificate to use RPC over HTTP with Exchange 2007

Hi,

I am in the process of setting up Exchange 2007.  

OWA will work with the built-in default certificate but I think I read somewhere that RPC-HTTP needs a trusted cert to work.  Does this mean I will need to purchase one?  

Thanks,

Mark
0
markholmes24
Asked:
markholmes24
  • 2
  • 2
1 Solution
 
BiPodCommented:
Depending on your environment you will either need a self signed Subject Alternative Name (SAN) certificate or you will have to purchase a SAN certificate.

If you go for a self signed certificate using your own certificate authority you'll obviously have to provide the trusted root certificate to your end users otherwise they'll get a certificate security warning when trying to conenct via RPC-over-HTTP.  If you go for a purchased certificate (from someone like Digicert who are very good) then the root certificates come pre installed on the client Operating System.

I went with a Digicert certificate and included the following SANs in it

mail.domain.com (for OWA)
autodiscover.domain.com (for the autodiscover service)
CAS.server.fqdn
CASServer

This essentially allowed me to get everything from Outlook on the LAN to OWA and RPC-over-HTTP (with autodiscover) working without any security warnings.

Cheers

BiPod
0
 
BiPodCommented:
Also, i found this article useful for creating SAN certificates when testing using my own certificate authority on windows server 2003.

http://support.microsoft.com/kb/931351
0
 
markholmes24Author Commented:
BiPod - many thanks for that.
0
 
markholmes24Author Commented:
Cheers BiPod!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now