Solved

MEtro Mail app in Windows 8 with no SSL

Posted on 2013-07-01
23
1,163 Views
Last Modified: 2013-07-18
I am trying to setup a MS Surface with Windows 8 pro on it, to sync with our Exchange 2003 mobile mail. the issue seems to be that there is no way to disable the SSL in metro mail app before the account is setup. Any way around this?
0
Comment
Question by:raffie613
  • 12
  • 11
23 Comments
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39292444
If you choose to use IMAP, yes. If you choose to use exchange activesync, no.

Be aware that if you disable SSL with IMAP, your passwords are being transmitted in clear text and of course, the default network connections of portable devices like the surface pro is wireless.

For the cost of an SSL cert, I cannot ever see why you would want to do this. It just snt worth the compromised security.
0
 

Author Comment

by:raffie613
ID: 39294159
what is the cost of an SSL cert, where do I get it and how do I implement it on my 2003 exchange server?
Thanks.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39294973
There are many many SSL providers. I've seen them for less that $10/year if you catch a sale. Use your favorite searche engine.

As far as how to install it, SBS has a wizard. Look in the SBS admin tool. One of the tasks is creating and installing a certificate.
0
 

Author Comment

by:raffie613
ID: 39295049
I don't have SBS. this is a regular 2003 R2 server.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39295065
Ahh. Sorry, thought I read SBS somewhere in there. Oh well, not to worry. The exchange admin console still is pretty straightforward. And TechNet has thorough documentation.

Their "setting up client access" section has the first few steps dedicated to properly setting up SSL.

http://technet.microsoft.com/en-us/library/aa995729(v=EXCHG.65).aspx

-Cliff
0
 

Author Comment

by:raffie613
ID: 39316277
ok, and how do I setup metro mail to be configured with IMAP since that is easier?
what is the imap and smtp addresses?
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39316348
You have to enable IMAP on Exchange 2003, configure it to not use SSL, set up public DNS to point to a public IP address, route that public IP address to the Exchange Server hosting IMAP.

Similarly, you must set up Exchange 2003 to accept external SMTP mail for relaying (making sure you don't create an *open* relay), set up public DNS to point to a public IP address, route that address to the Exchange Server hosting SMTP.

Yes, SMTP and IMAP can be a single Exchange server, but doesn't *have* to be either. So those are two different steps, that may or may not be able to be combined, depending on your internal topology.

So, to answer your question, the imap and smtp address is the host names you chose when setting up the public DNS settings in the above steps.

.....and for the question you haven't asked, but to preempt it in case you do....

If you need more details in installing and properly configuring IMAP and SMTP relaying on Exchange then we are back to the above, where buying a $10/year SSL cert is both easier *and* cheaper considering the labor involved.
0
 

Author Comment

by:raffie613
ID: 39316394
ok makes alot of sense to go the SSL way if you really think adding it and setting it up in Exchange is easy.
Is this all that I need to do once I purchase the certificate?


To obtain a server certificate from a certification authority
Use the Web Server Certificate Wizard to create a certificate request.
In the Web Server Certificate Wizard, on the Delayed or Immediate Request page, click Prepare the request now, but send it later.
Use the Web Server Certificate Wizard to send the request to the certification authority. The CA will process the request and then send you the certificate.
Finish using the Web Server Certificate Wizard.
0
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 39316407
Generally yes. In most cases, you cannot use the web server certificate wizard to actually send the request to a CA though. Instead, the wizard will generate a CSR as a text file, and most CAs have a web-based site to submit that CSR. Since each CA is slightly different, that is as detailed as I can get.
0
 

Author Comment

by:raffie613
ID: 39316537
so do i add the cert using the web server wizard or another way?
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39316883
Wizard. Only submitting the CSR will be outside the wizard.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:raffie613
ID: 39317753
so should be pretty simple then. Will let you know.
thanks.
0
 

Author Comment

by:raffie613
ID: 39318812
one more thing, We already have mobile OWA setup. Is it still very different and difficult to just setup the IMAP? I thought perhaps  some of the settings were already in place.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39319631
Dificult? No? Different? Yes.

But I way the same of setting up SSL. It isn't difficult. Just different. One SSL is more secure and supportable long term. So given the choice between to relatively easy processes....
0
 

Author Comment

by:raffie613
ID: 39325591
ok just purchased the SSL from go daddy. now how do i  generate the CSR?
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39325617
Scroll up. One of my earlier replies has a link to a full walkthrough on the MS technet site.
0
 

Author Comment

by:raffie613
ID: 39325629
I didn't see it in there. but i got confused because earlier you said the wizard will generate the CSR, and more recently you said it will not.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39325640
No. That is not what i said, and what i said is consistent. The wizard will generate the CSR. It will not SUBMIT the CSR to the CA. Those are two different steps. You mist submit the CSR it generates yourself.
0
 

Author Comment

by:raffie613
ID: 39325653
oh ok, my bad. I understand now.
Thanks.
0
 

Author Comment

by:raffie613
ID: 39328292
ok I got it approved and now I downloaded the certificates. When I run the wizard again though, it says to enter the path with the "response" from the CA. I think it wants a text file because it didn't see or recognize the certificates I downloaded.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39328874
If you look at the dialog box, on the right is a dropdown list of file extensions. You can change that to "all files."

Conversely, you can rename the file GoDaddy sent you. The wizard defaults to wanting a .crt file, and godaddy sends a .cer file (they are the exact same contents, just the dot-extension is different.) so the wizard balks. Renaming the file does the trick.
0
 

Author Comment

by:raffie613
ID: 39330751
ok great. now they sent me a second certificate for IIS. What should I do with that one?
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39330846
Only one will work with the wizard. I don't know why they sent you two. Maybe they sent you the same one twice. I'm not them...
0

Featured Post

Too many email signature changes to deal with?

Are you constantly being asked to update your organization's email signatures? Do they take up too much of your time? Wouldn't you love to be able to manage all signatures from one central location, easily design them and deploy them quickly to users. Well, you can!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now