OWA for Server 2003/Exchange 2003
I have configured access to OWA with a self-signed certificate over HTTPS for Users connecting to company network. When I connect to https://mail.company.com/exchange from the outside or inside world, I get the windows dialog window for credentials.
1. I was expecting to see the Windows OWA landing page OR is this only on SBS? What options do I have?
2. How best do I deploy the self-signed certificate to Users/Computers wanting to access OWA remotely?
3. Recommendations on where I can pickup a reasonably priced SSL Cert from vendor in Australia?
4. Any other recommendations?
1. I was expecting to see the Windows OWA landing page OR is this only on SBS? What options do I have?
2. How best do I deploy the self-signed certificate to Users/Computers wanting to access OWA remotely?
3. Recommendations on where I can pickup a reasonably priced SSL Cert from vendor in Australia?
4. Any other recommendations?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Shack-Daddy
Actually, my main recommendation beyond enabling FBA is to use a public cert. Not worth the hassle to distribute self-signed. Is there a reason you can't use a GoDaddy cert in Australia? It should be affordable and available there. You can even find promo codes to use at livecodes.blogspot.com that will give you a discount on new certs.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you ngcmos and shackdaddy.
1. On which component in IIS do I enable FBA?
2. Not sure what you mean by the CA Cert then the Domain Cert? I only have one Self-Signed Cert which I exported from http://servername/certsvr
3. Regarding SSL Certs from supplier, when would I need a Multiple or Unlimited Domain? If for example my client only has domain.com, then what type of use cases would I use multiple?
1. On which component in IIS do I enable FBA?
2. Not sure what you mean by the CA Cert then the Domain Cert? I only have one Self-Signed Cert which I exported from http://servername/certsvr
3. Regarding SSL Certs from supplier, when would I need a Multiple or Unlimited Domain? If for example my client only has domain.com, then what type of use cases would I use multiple?
ASKER
In addition, what considerations do I need to make as far as where to apply a third-party cert? I currently only see OWA being used so am I issuing on Exchange site or Default Site?
Just get a single-name cert. You would use multiple if you were running Exchange 2007 or Exchange 2010 and weren't using SBS 2008 or SBS 2011.
Read my notes on enabling FBA--you enable it using the Exchange System Manager -> Server - > Protocols -> HTTP -> Properties.
When I provision a cert I set up a new dummy website in IIS and request it from there. Then when I get the cert back from GoDaddy, I install it on that Dummy site. Then I enable the cert on the Exchange site.
Read my notes on enabling FBA--you enable it using the Exchange System Manager -> Server - > Protocols -> HTTP -> Properties.
When I provision a cert I set up a new dummy website in IIS and request it from there. Then when I get the cert back from GoDaddy, I install it on that Dummy site. Then I enable the cert on the Exchange site.
ASKER
Cool - so FBA is all set.
I am still a bit stuck on the provisioning the cert thing - setting up a dummy site I suppose works, but I assume there is a general best practice to follow here. Should I provision from Default Site? Issues with doing this?
Have you got any info on the Single vs Multiple I can reference?
I am still a bit stuck on the provisioning the cert thing - setting up a dummy site I suppose works, but I assume there is a general best practice to follow here. Should I provision from Default Site? Issues with doing this?
Have you got any info on the Single vs Multiple I can reference?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sounds good - so once I get it back from Go Daddy, I will assign to DWS, but do I also need to assign to /Exchange directory in IIS?
No, you only assign certs to the root web site.