?
Solved

Problems with Thawte Freemail certificates

Posted on 2008-11-12
5
Medium Priority
?
667 Views
Last Modified: 2012-05-05
We have problems with digital certificates from Thawte (Personal Freemail Digital IDs) in combination with Outlook Web Access:

Because the Thawte certificates don't have a CRL Distribution Point (CDP) defined on each certificate (only at the intermediate issuing CA), users get the error message, that the certificates cannot be verified. This is only a problem with Outlook Web Access. With the full Outlook client there is no problem at all.

Does anybody have a solution/workaround for that issue?

Thanks,
Volker :-)
0
Comment
Question by:kurthv
  • 3
4 Comments
 
LVL 31

Expert Comment

by:Paranormastic
ID: 22952509
Here's an article describing a nice OWA admin tool:
http://www.msexchange.org/tutorials/Outlook-Web-Access-Web-based-Administration.html
Look under S/MIME for 'Disable CRL Checking" - if that doesn't work I don't know what would besides getting certs that have a CDP declared (e.g. a paid email cert).  I'm guessing that since these are no assurance certs, there is no real need to revoke them, so they don't bother.
0
 

Author Comment

by:kurthv
ID: 22956881
Do you know, if there is an OWA admin tool for Exchange 2007?
Or maybe another way to "Disable CRL Checking"?

wrt CDP: Thawte Personal Freemail certificates have a CDP declared.
Not on the certificates themselves, but on the Intermediate Issuing CA.
0
 
LVL 31

Accepted Solution

by:
Paranormastic earned 2000 total points
ID: 22996995
0
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24061656
I'm just checking in on old posts today... Are you still having this issue?  If so, please let me know so I can help some more, if not, please close accordingly..
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question