Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 539
  • Last Modified:

Certificates for Exchange and SharePoint i

Hi, I'm configurating a system with a Windows 2008 Domain Controller a TMG 2100 R2 Exchange 2010 and a SharePoint 2010.

 I need to create a certification authority CA to generate certificates, but I lost the notes ...

 I've installed the CA in the DC,
 
I have not clear what kind of certificates I need to publish in the TMG  i need all Exchange services and sharepoint HTTPS traffic.

 Are there some manual or book?

 thanks
0
limmontreefree
Asked:
limmontreefree
  • 2
  • 2
2 Solutions
 
Suliman Abu KharroubIT Consultant Commented:
For exchange and sharepoint external access you need a public certificate from a public CA like GoDaddy.

For exchange to work with full functinality and a securly you need a SAN certificate includes all the beow alternative names:
1. mail.domain.com ( where your mx record pints to mail.domain.com)
2.hostname (netbios name)
3.servernmae.domain.local
4.autodiscover.doamin.com


For share points you need another Certificate, you can use a free public CA to get a free single name certificate ( https://startssl.com ).

for AD CA deployment, see this please :http://technet.microsoft.com/en-us/library/cc772393(WS.10).aspx
0
 
limmontreefreeAuthor Commented:
Is for  test purposes and I don't want use any outside vendor, I cast all the certificates with the CA that I have installed on the DC.

I know that the Explorer bar will turn red.

Can expand the kind of certificate that I have to give in each case?

Is there any manual?

thanks again
0
 
Suliman Abu KharroubIT Consultant Commented:
Not only the explorer bar will turn red, but also some exchange services will not work at all like autodiscovery and OAB. these service needs a secure Chanel to communicate.

You have one option then:

sharepoint --same as above.

Exchange: install one certificate with single name ( mail.domain.com ) and change exchange web services VDs per the below article:
http://support.microsoft.com/kb/940726


For the above certificates you can either use an internal CA or startsll. both will do the work adn both are free.
0
 
limmontreefreeAuthor Commented:
tbanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now