Solved

Problem Installing Certificate

Posted on 2008-10-01
6
470 Views
Last Modified: 2013-11-24
I am trying to install Entourage 11.2.5 on to my Mac using 10.4.11, but I am confused about the installation of a Trusted Root Certificate.

Where do I get this certificate and how do I install it ??

I have heard that using SSL with Entourage is difficult to configure and that HTTP might be a better way to go.

Can someone please help.
0
Comment
Question by:Steveh24
  • 3
  • 3
6 Comments
 
LVL 31

Expert Comment

by:Paranormastic
ID: 22614340
HTTP is always easier than SSL (as you need basic web hosting functionality before you can worry about securing it...), but it is not secure, so if you need SSL, then you need SSL.

Many popular commercial CA certs should already be loaded, or you could do so by installing the current version of your software.  If you are looking to manually add a certificate that is not a part of Apple's root certificate program (e.g. for your own root CA), then refer to this article:
http://www.microsoft.com/mac/itpros/default.mspx?clr=99-15-0&srcid=5c028854-8df7-4257-aee0-891eeffb66ac1033&ep=9&target=de839750-4d6a-45c4-80c4-ec4f13e2cfb21033
0
 

Author Comment

by:Steveh24
ID: 22616021
I don't mind what Certificate we use as I'm completely confused by this issue, I just want to be able to install Entourage and connect to our Exchange Server

We do have an SSL Cert we use for our Exchange Servers OWA, could I use this or are you saying that the Mac already has a Root Cert it can use.
0
 
LVL 31

Expert Comment

by:Paranormastic
ID: 22628068
Mac, Windows, etc. already ships with a base Trusted Root Certificate store.  This includes root certs from typically gov't agencies and commercial CA's such as Verisign that a large number of their users would typically come across during normal usage.  In that sense, there is already a root cert it could use (most commercial CA's would already have submitted to be included in this list that gets installed always).  

Doing this would mean you get a new cert for the Entourage box - the name that the cert was issued to must match, so you generally cannot use one cert for multiple differently named machines.  If this is a cluster you could issue to the alias and then use that for each box that responds to that DNS alias.  There are also wildcard certs for your whole domain (*.yourdomain.com), but they are spendy.

If you have your own CA installed, you could issue your own cert and install that.  Part of that would require installing your own root CA cert as well as the server cert.  The link from previous message documents that.  You would also want to deploy the root CA cert to your clients so they don't get warnings about trust, this is well documented on how to do this via GPO.  I would imagine there is a script or something that you could push for doing this in Apple or other linux OS - if you want to do that we can look into that.  

If this will be accessible by your users at home (not on their domain box) then you probably want to just go with a commercial CA cert as it would be easier than giving instructions on how to install your CA's root cert in all the different software environments that your home users are bound to use.
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:Steveh24
ID: 22633720
I'm still struggling to get my head around this whole scenario and the user is thinking it might be easier to put her Mac in ther nearest Wheelybin and get a Laptop with XP and use Outlook.

Would I be correct in thinking that in order to send & receive Email that the Mac will have to be connected to the company VPN in order to access the Exchange, if this is the case do they actually need a certificate as the VPN is secure.
0
 
LVL 31

Accepted Solution

by:
Paranormastic earned 125 total points
ID: 22650693
There are a few common ways to check email..  if you want to do it directly (i.e. downloading it into your email client) then you need to be on the LAN - if you are not on the LAN then you need to VPN to become connected to the LAN.

VPN is VPN - they all have an authentication method, usually a few different types.  This could be as simple as a username/password, which is not very secure, but tends to have some second factor added such as those RSA key fobs that change a temp code every minute or so as the 'secure' part of the authentication.  There could be certs involved, which once set up tends to be a little bit easier, but would require setup on whatever machine they are using to connect with.

Alternatively, instead of VPN you could use a web access to your email, such as OWA (outlook web access) - this requires its own setup on the server end, but is accessible by just popping the URL into your browser.  You can't download the emails automatically, but you can still download attachments and such manually.  This can be set up with just normal domain\username and password credentials, or also use certs, security fobs, etc.
0
 

Author Comment

by:Steveh24
ID: 22702784
Having read several articles on Forums it would appear that few people have managed to get Entourage working properly and in the end we used Outlook in Windows Emulation mode and connected as an Exchange Client straight away which begs the question "Why were Macs invented".

OWA was always an option, but you are dependant on the Internet to access your Emails and even though she still needs the Internet to connect to the Exchange, at least once they are downloaded they are there to view at all times.

Thanks for trying to solve my problem and even though you were unable to do so, I will still give you the points for trying, although I have come to the conclusion that Mac OS and Windows can't exist together.


0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Mac OS X 10.7.5 Login Loop 17 88
pdf to word 13 76
Copy multiple iTunes playlists to attached iPod 2 70
Excel for Mac - How make those Tabs larger? 2 31
Many companies are making the switch from Microsoft to Google Apps (https://www.google.com/work/apps/business/). Use this article to learn more about what Google Apps has to offer and to help if you’re planning on migrating to Google Apps. It is …
In this article we will discuss some EI Capitan Mail app issues and provide some manual process to resolve them.
The view will learn how to download and install SIMTOOLS and FORMLIST into Excel, how to use SIMTOOLS to generate a Monte Carlo simulation of 30 sales calls, and how to calculate the conditional probability based on the results of the Monte Carlo …
The viewer will learn how to use the =DISCRINV command to create a discrete random variable, use this command to model a set of probabilities and outcomes in a Monte Carlo simulation, and learn how to find the standard deviation of a set of probabil…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now