Solved

TLS encryption between domains on Exchange 2010

Posted on 2010-09-02
Last Modified: 2012-05-10
I need to set up TLS encryption between my domain and another organization's domain. My environment consists of an Edge Transport server and Hub/CAS/Mailbox server. What connectors do I need and where do I place a certificate? Thanks!
Question by:MCSF
8 Comments
 
LVL 8

Expert Comment

by:pmorton23
ID: 33588177
You place the cert on the last outgoing and first incoming email servers (or anti-spam appliance). All you do is install the cert and turn on TLS within the last SMTP server. We use ask for TLS on all connections, but if they don't answer in TLS, drop to normal SMTP conversation.
 

Author Comment

by:MCSF
ID: 33591430
How do you initiate a self-signed cert and how do you install it on the Edge Transport role?
 
LVL 8

Expert Comment

by:pmorton23
ID: 33592235

 

Author Comment

by:MCSF
ID: 33745663
The first link talks about OpenSSL and the second link talks about SSL for OWA. I do not want to use OpenSSL and I already have a 3rd party cert for OWA. How do I create a certificate through my own CA and use it on the Edge Transport server?
 
LVL 8

Expert Comment

by:pmorton23
ID: 33745699
Why do you want to host your own cert? You can buy one for about $100-150. DigiCert allows multiple servers for one cert.
 

Accepted Solution

by:MCSF
ID: 33745836
This will be for TLS between one other domain and we are trying to accommodate this at their request. It will not be used for anything other than encrypting mail between us and them.
 
LVL 8

Expert Comment

by:pmorton23
ID: 33745927
I hear you. We also set up TLS for a request from a customer. Initially it was only set up for one company, but now we have had 4 other customers request TLS also.
Once you install a TLS/SSL cert it will work for any and all SMTP systems using TLS.
 

Author Closing Comment

by:MCSF
ID: 34224600
Did not get any resolution. Currently not using TLS.
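
The setup asked about in this thread (a certificate from your own CA on the Edge Transport server, plus connectors that require TLS for one partner domain) can be sketched in the Exchange Management Shell as follows. This is an added example, not something posted by either participant. It assumes an Edge server subscribed to the Hub through EdgeSync, and every server name, domain, IP address and file path in it is a placeholder.

```powershell
# Added example; all names, paths and addresses below are placeholders (assumptions).
$edgeFqdn      = 'edge01.contoso.example'  # FQDN the Edge server presents in SMTP
$partnerDomain = 'partner.example'         # the other organization's mail domain
$partnerMtaIp  = '203.0.113.10'            # partner's sending host (documentation range)

# --- Run on the Edge Transport server ---
# 1. Generate a certificate request and save it for submission to your own CA.
$req = New-ExchangeCertificate -GenerateRequest `
    -SubjectName "cn=$edgeFqdn" -DomainName $edgeFqdn -PrivateKeyExportable $true
Set-Content -Path 'C:\certs\edge01.req' -Value $req

# 2. Once the CA has issued the certificate, import it and enable it for SMTP.
Import-ExchangeCertificate -FileData `
    ([Byte[]]$(Get-Content -Path 'C:\certs\edge01.cer' -Encoding Byte -ReadCount 0)) |
    Enable-ExchangeCertificate -Services SMTP

# 3. Inbound: a dedicated Receive connector scoped to the partner's host that
#    refuses mail unless the session was upgraded with STARTTLS.
#    The connector FQDN must match a name on the certificate.
New-ReceiveConnector -Name "From $partnerDomain (TLS required)" -Usage Custom `
    -Bindings '0.0.0.0:25' -RemoteIPRanges $partnerMtaIp -Fqdn $edgeFqdn `
    -AuthMechanism Tls -RequireTLS $true -PermissionGroups AnonymousUsers

# --- Run on the Hub Transport server (Send connectors replicate to the Edge) ---
# 4. Outbound: a Send connector for the partner's address space only, with TLS
#    required so mail queues instead of falling back to clear-text SMTP.
#    'EDGE01-Subscription' stands in for the name of your Edge Subscription.
New-SendConnector -Name "To $partnerDomain (TLS required)" -Usage Custom `
    -AddressSpaces $partnerDomain -DNSRoutingEnabled $true -RequireTLS $true `
    -Fqdn $edgeFqdn -SourceTransportServers 'EDGE01-Subscription'

# 5. Verify: certificate bound to SMTP and not near expiry, connectors enforcing TLS.
Get-ExchangeCertificate | Format-List Thumbprint, Subject, CertificateDomains, Services, NotAfter
Get-ReceiveConnector    | Format-List Name, Fqdn, AuthMechanism, RequireTLS
Get-SendConnector       | Format-List Name, AddressSpaces, RequireTLS
```

A certificate issued by a private CA encrypts the session, but the partner can only validate it if they have added that CA's root to their trusted store. Traffic to and from all other domains continues to use the default connectors, where TLS stays opportunistic.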