Outlook Web Access SSL Certificate
Posted on 2012-04-13
A couple of years ago I received some excellent advice from the Experts on how to set up Outlook Web Access in SBS2003 and have set up a number of these.
One issue I’m having difficulty in my head round is how the SSL Certificates work.
I was advised to always purchase a SSL certificate and did so on my first few OWA installs. Then a colleague told me this was unnecessary as SBS has its own facility to create a Certificate at no cost. So this is how I did them from then on. So what I’m failing to see is what is the benefit of paying money for a SSL certificate. In both the ones I’ve done with and without installing a paid-for certificate, the user performs exactly the same procedures to get to their OWA email, ie navigate to say owa.mydomain.com/exchange and, after getting a screen warning that there is a problem with the certificate and it is not recommended to continue, they simply select ‘Continue to this website (not recommended)’ and get to the logon name & password prompt for their email. This to me does not seem particularly secure and I wonder if there is a way of making it more secure?
On a more specific note, I have a current issue with one of my OWA setups whereby after making the usual selection ‘Continue to this website (not recommended)’ I just get a ‘Service Unavailable’ message in big black writing at the top left. Any ideas on how to fault-find this?