Easy way to install self signed certificate on users desktops?

Posted on 2009-02-18
Medium Priority
Last Modified: 2012-05-06
I am about ready to start moving user's to Exchange 2007 but I wanted to install the self signed certificate on all desktops in my organization.

The company here doesn't own their internal namespace, some guy in the czech republic does, so a UCC certificate is out of the question.  So my solution is to run OWA out of a new website get a single namespace certificate from a trusted CA and run all the other virtual directories with the self signed certificate.

So instead of manually installing the certificate on user's desktops I was wondering if there is a way to push it via GPO, or even create an MSI with Winstall LE or something.  Any and all ideas are appreciated, thanks.
Question by:typicaldude
  • 2
LVL 65

Accepted Solution

Mestha earned 2000 total points
ID: 23673100
There is no way that I am aware of to push the certificate out.
You really need to get round the certificate issue, because Outlook Anywhere and Exchange ActiveSync are not supported with a self signed certificate.


Author Comment

ID: 23673134
The only thing I can think of is to manually install the certificate which would allow the device or workstation to fully trust the certificate.

Unfortunately this company doesn't own their internal namespace so this has caused me a headache.  I don't understand why people create thier internal domains with a .com and not ensure they own the name space.
LVL 65

Assisted Solution

Mestha earned 2000 total points
ID: 23675340
I had a client with the same problem.
They ended up using Entrust for the certificate, where most of the namespace was the public domain name. As they were an accredited Entrust customer they were able to add the internal domains to their certificate for the SAN names.
It can be avoided, but it isn't cheap to do. Unfortunately for that client, getting the domain name off the current owner would be more expensive than the certificate.


Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question