mikem2k
asked on
Which certificate do I add to stop the OWA website security certificate error?
Hello all.
I have recently set up an Exchange 2007 server with IIS7 and am unclear as to which certificate I need to allow users to access email through OWA without receiving the 'There is a problem with this website's security certificate' error
There appears to be an Exchange certificate as well as a certificate that would be installed in IIS under the Server Certificates area?
Do I need one or both? Also, if I only need one, is there any benefit to having both (even if this benefit is unrelated to OWA?)
Please advise.
I have recently set up an Exchange 2007 server with IIS7 and am unclear as to which certificate I need to allow users to access email through OWA without receiving the 'There is a problem with this website's security certificate' error
There appears to be an Exchange certificate as well as a certificate that would be installed in IIS under the Server Certificates area?
Do I need one or both? Also, if I only need one, is there any benefit to having both (even if this benefit is unrelated to OWA?)
Please advise.
ASKER
I apologize if my question was unclear.
The purchase and installation of the certificates seems pretty straightforward and I was planning to purchase a certificate from GoDaddy.
My question is regarding which area(s) of the Exchange server need the certificates - Exchange Server itself or the or the IIS - Server Certificates area.
The purchase and installation of the certificates seems pretty straightforward and I was planning to purchase a certificate from GoDaddy.
My question is regarding which area(s) of the Exchange server need the certificates - Exchange Server itself or the or the IIS - Server Certificates area.
ASKER
I also wanted to note that in GoDaddy, when selecting the certificate type, it displays multiple options including both IIS 7.0 and Exchange 2007.
Ah sorry - understand now :-)
You install the certificate in IIS on the website where the Exchange virtual directories are present.
If you are publishing through ISA server you also need to install the certificate on the ISA server and set it on your OWA web listener.
Not sure what type of certificate GoDaddy are offering, you just need a standard SSL certificate. So I'd say go with whatever they offer as standard.
You install the certificate in IIS on the website where the Exchange virtual directories are present.
If you are publishing through ISA server you also need to install the certificate on the ISA server and set it on your OWA web listener.
Not sure what type of certificate GoDaddy are offering, you just need a standard SSL certificate. So I'd say go with whatever they offer as standard.
ASKER
There doesn't appear to be a 'Standard SSL' option from GoDaddy.
I am attaching a screenshot of available certificate types from GoDaddy and a screenshot of the IIS 7 Certificate area.
I am also not sure how I am publishing the site; it is just using all the server defaults. It is an SBS 2008 server with Exchange 2007 and IIS7.
Do I add certificates in the IIS7 certificate area in the second screenshot or do I use the shell referenced here:
http://technet.microsoft.com/en-us/library/bb124950%28EXCHG.80%29.aspx
I am not well versed in certificates and see both methods listed throughout Experts Exchange. I was hoping to only have to obtain and install one certificate, preferably in IIS only, without using the shell.
GDCertList.bmp
IISCertScreen.bmp
I am attaching a screenshot of available certificate types from GoDaddy and a screenshot of the IIS 7 Certificate area.
I am also not sure how I am publishing the site; it is just using all the server defaults. It is an SBS 2008 server with Exchange 2007 and IIS7.
Do I add certificates in the IIS7 certificate area in the second screenshot or do I use the shell referenced here:
http://technet.microsoft.com/en-us/library/bb124950%28EXCHG.80%29.aspx
I am not well versed in certificates and see both methods listed throughout Experts Exchange. I was hoping to only have to obtain and install one certificate, preferably in IIS only, without using the shell.
GDCertList.bmp
IISCertScreen.bmp
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Will try this in the next day or two.
That way when your browser gets teh certificate it can verify it with the CA.
Either that or you need to install the self generated certificate you already have on every client that will acces OWA.