mcse2007
asked on
Self signed certificate with Exchange
Hi,
Just installed Exchange 2010 from SBS 2011. The installation went without any problem. But the issue right now is each time a user log into MS Outlook, a pop up screen would show up, acknowledging the 'certificate' isn't trusted.
So you installed the certificate into its default location, close off MS Outlook, again the pop up screen appears about the certificate.
It appears this certificate is self signed when exchange was initially installed. But, if it's a domain certificate WHY it keeps popping up every time MS Outlook is open.
Is there a way to turn this thing off (e.g., using the GP Management console to installed it to computer) ? Would that work?????????
Heaps of thanks.
Just installed Exchange 2010 from SBS 2011. The installation went without any problem. But the issue right now is each time a user log into MS Outlook, a pop up screen would show up, acknowledging the 'certificate' isn't trusted.
So you installed the certificate into its default location, close off MS Outlook, again the pop up screen appears about the certificate.
It appears this certificate is self signed when exchange was initially installed. But, if it's a domain certificate WHY it keeps popping up every time MS Outlook is open.
Is there a way to turn this thing off (e.g., using the GP Management console to installed it to computer) ? Would that work?????????
Heaps of thanks.
ASKER
Thanks Alanhardisty........I gather 5 certificates that needed to be purchased as per the above?
Only one certificate - multiple names included in the certificate (Subject Alternative Name / Unified Communications Certificate).
ASKER
Are these the links that you most referring to:
SAN
http://www.godaddy.com/domains/searchresults2.aspx?ci=16811
UCC
http://www.godaddy.com/domains/searchresults2.aspx?ci=42376
It is during the puchasing/registration of the certicate where you can nominate your 5 max names?
SAN
http://www.godaddy.com/domains/searchresults2.aspx?ci=16811
UCC
http://www.godaddy.com/domains/searchresults2.aspx?ci=42376
It is during the puchasing/registration of the certicate where you can nominate your 5 max names?
Try this:
http://www.godaddy.com/ssl/ssl-certificates.aspx?ci=9039
Standard SSL - Multiple Domains UCC - Up To 5 Domains - Select the number of years you want (I usually go for 3 minimum).
These are $89.99 / year but my reseller site is $59.99 / year :) Look at my profile for details if you are interested.
http://www.godaddy.com/ssl/ssl-certificates.aspx?ci=9039
Standard SSL - Multiple Domains UCC - Up To 5 Domains - Select the number of years you want (I usually go for 3 minimum).
These are $89.99 / year but my reseller site is $59.99 / year :) Look at my profile for details if you are interested.
ASKER
Sorry few more questions:
When you buy the Standard SSL - Multiple Domains UCC, installing it just like installing a typical SSL certificate, no different?
Also, what will happened to the Self Signed Certificate that is pre-installed?
Why would those annoying pop up screen from MS Outlook would go away, can't it self signed certificate address the issue?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
B R I L L I A N T !!!!
Thank you so much sir.
Thank you so much sir.
:) - Glad it is working and the errors have gone away.
Alan
Alan
ASKER
Hi Alanhardisty
A friend of mine asked me, would it be possible to purchase your registered SAN like:
*.domain.com
Rather than the following:
mail.domain.com
citrix.domain.com
www.domain.com
shop.domain.com
register.domain.com
Heaps of thanks
A friend of mine asked me, would it be possible to purchase your registered SAN like:
*.domain.com
Rather than the following:
mail.domain.com
citrix.domain.com
www.domain.com
shop.domain.com
register.domain.com
Heaps of thanks
Wildcard certs are more expensive but you can buy one if you want, but you need the names I mentioned in my first post which a Wildcard cert won't cover.
I would recommend you purchase a Go-Daddy SSL for about $180 (for 3 years) which needs to be a SAN / UCC SSL cert - max 5 names and you should include the following names in the cert:
remote.yourexternaldomain.
autodiscover.yourexternald
internalservername.interna
internalservername
sites
Once this is installed - all error messages should disappear.