Solved

Self signed certificate on Exchange 2013

Posted on 2013-10-24
6
695 Views
Last Modified: 2013-10-29
Hi,

I am in the process of doing an Exchange 2007 to 2013 migration. On our current 2007 environment we are just using a self signed certificate as we don't use Outlook Anywhere. We do use OWA but we just have the DNS entry for OWA pointing to the Exchange server and users don't mind clicking through the security alert to get to the login page.

In Exchange 2013 is it fine to run it like this with just the self signed certificate or do we need to buy a SAN or wildcard certificate?

The current users are running Outlook 2010 on Windows XP and Windows 7.
0
Comment
Question by:southwestsixteen
6 Comments
 
LVL 13

Expert Comment

by:Mark Galvin
ID: 39596995
You can continue with the self signed cert but, as you probably know, its not the recommended way.

Thanks
Mark
0
 
LVL 6

Accepted Solution

by:
vmdude earned 500 total points
ID: 39597005
If possible I would always go with a SAN certificate. There are arguments for and against wildcards, but I'm a fan of the SAN :)

Yes you can function with a self-signed certificate but you can get SAN certificates relativity cheaply these days and this will ensure that you are configured to best practice and, should the need arise that you need to use either OWA, Outlook Anywhere or ActiveSync, then you have the certificate all ready and waiting to go.
0
 
LVL 3

Author Comment

by:southwestsixteen
ID: 39597126
Thanks for the advice guys. We currently have the self signed and are able to connect emails to our phones with Activesync (by just ignoring the security error). Will this still be the case in Exchange 2013?
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 13

Expert Comment

by:Mark Galvin
ID: 39597169
yes
0
 
LVL 6

Expert Comment

by:vmdude
ID: 39597176
OWA will work, but I'm not sure 100% with phone devices. Some will not allow you to continue without a certificate that the device trusts.
If you are planning the use ActiveSync then I would still advise that it is worth investing the $ in a SAN certificate.
0
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 39599823
you can't use active sync device if you want to then you have to trusted certificate.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Large Outlook files lead to various unwanted errors and corruption issues. Furthermore, large outlook files can also make Outlook take longer to start-up, search, navigate, and shut-down. So, In this article, i will discuss a method to make your Out…
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question