[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Is it possible to use Outlook Anywhere with the Windows Certificate Services (Exchange 2007)

Posted on 2009-12-25
12
Medium Priority
?
553 Views
Last Modified: 2013-11-30
I have just recently built a Windows 2008 Server (STD) with Exchange 2007 and want to know if I can configure Outlook anywhere with just the self signed certificate (Windows Certificate Services)?

Any help would be appreciated.

certsrv.JPG
0
Comment
Question by:mfg1
  • 4
  • 4
  • 2
  • +2
12 Comments
 
LVL 9

Expert Comment

by:Raghuv
ID: 26123654
Yes, its very much possible to use Outlook Anywhere with Windows Certificate, however its not recommended.

To make it work, you need to ensure the Certificate on the Exchange Server is issued to the OWA URL or a URL used for setting up Outlook Anywhere (For Eg: Mail.DomainName.com) and then you need to manually install the Root Certificate in the Trusted Root store on each and every client computer where you plan to use Outlook via Outlook Anywhere.
0
 
LVL 12

Expert Comment

by:Saakar
ID: 26123702
Gives you a little more information, I strongly agree with Raghuv that its always recommended to use a Public Certificate rather than a private one.
Outlook Anywhere and Exchange's Self-Signed Certificate
http://exchangepedia.com/blog/2007/08/outlook-anywhere-and-exchanges-self.html
 
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 26124108
Not according to Microsoft.  Please read the following section about the limitations of self-signed certificates from Microsoft:
http://technet.microsoft.com/en-us/library/bb851554(EXCHG.80).aspx 
Extract (in case of link failure):
The following list describes some limitations of the self-signed certificate
  • Expiration Date: The self-signed certificate expires 12 months after Exchange 2007 is installed. When the certificate expires, a new self-signed certificate must be manually generated by using the New-ExchangeCertificate cmdlet.
  • Outlook Anywhere: The self-signed certificate cannot be used with Outlook Anywhere. We recommend that you obtain a certificate from a Windows PKI or a trusted commercial third party if you will be using Outlook Anywhere.
  • Exchange ActiveSync: The self-signed certificate cannot be used to encrypt communications between Microsoft Exchange ActiveSync devices and the Exchange server. We recommend that you obtain a certificate from a Windows PKI or a trusted commercial third party for use with Exchange ActiveSync.
  • Outlook Web Access: Microsoft Outlook Web Access users will receive a prompt informing them that the certificate being used to help secure Outlook Web Access is not trusted. This error occurs because the certificate is not signed by an authority that the client trusts. Users will be able to ignore the prompt and use the self-signed certificate for Outlook Web Access. However, we recommend that you obtain a certificate from a Windows PKI or a trusted commercial third party.
     
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 28

Expert Comment

by:peakpeak
ID: 26124341
I would think that you can use OLA with a self-signed certificate provided that you install the certificate on the client machine as well. Otherwise OLA cannot handle the propmting that occurs with OWA in case the root cert is not found.
0
 
LVL 4

Author Comment

by:mfg1
ID: 26124714
I have read all your posts and am now a little baffled, as we will at some point probably buy a 3rd party cert, but for us its not essential, I just need to know if it will work as my boss wanted to install win 2008 SBS and I have already got it working with outlook anywhere, however I wanted to install win 2008 + exchange 2007 std as I prefer to learn things the hard way not the wizard way.

I hope someone can give me a diffinitive answer to weather or not this will work with self signed windows certificate services.

PS I also read that article alanhardisty, however it does say it will also work with a Windows PKI cert.

if someone has dont this with windows certs and has it working could you let me know, please.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 26124850
Please have a read of Mestha's blog about Exchange certificates:
http://blog.sembee.co.uk/archive/2008/10/16/87.aspx

0
 
LVL 4

Author Comment

by:mfg1
ID: 26127491
I have now read it but my question is, is it possible?
I understand its not supported but, if I  needed to would it be possible?
0
 
LVL 28

Expert Comment

by:peakpeak
ID: 26127560
Please try any of the many solutions offered by people trying to help .... if it's not working then buy a certificate .... Ok?
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 26127707
I guess it is entirely possible as the following EE question (accepted answer) explains, but it is not recommended, not supported and thus there is little documentation about it.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_23824495.html 
0
 
LVL 4

Author Closing Comment

by:mfg1
ID: 31669967
Thank you I feel this will get me closer to getting my exchange outlook anywhere environment up and running.
0
 
LVL 4

Author Comment

by:mfg1
ID: 26139349
Just to add I now have this all working on self certificates.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 26139368
Well done - would you care to share how for the benefit of others?
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question