Solved

Self signed certificate on Exchange 2013

Posted on 2013-10-24
6
693 Views
Last Modified: 2013-10-29
Hi,

I am in the process of doing an Exchange 2007 to 2013 migration. On our current 2007 environment we are just using a self signed certificate as we don't use Outlook Anywhere. We do use OWA but we just have the DNS entry for OWA pointing to the Exchange server and users don't mind clicking through the security alert to get to the login page.

In Exchange 2013 is it fine to run it like this with just the self signed certificate or do we need to buy a SAN or wildcard certificate?

The current users are running Outlook 2010 on Windows XP and Windows 7.
0
Comment
Question by:southwestsixteen
6 Comments
 
LVL 13

Expert Comment

by:Mark Galvin
ID: 39596995
You can continue with the self signed cert but, as you probably know, its not the recommended way.

Thanks
Mark
0
 
LVL 6

Accepted Solution

by:
vmdude earned 500 total points
ID: 39597005
If possible I would always go with a SAN certificate. There are arguments for and against wildcards, but I'm a fan of the SAN :)

Yes you can function with a self-signed certificate but you can get SAN certificates relativity cheaply these days and this will ensure that you are configured to best practice and, should the need arise that you need to use either OWA, Outlook Anywhere or ActiveSync, then you have the certificate all ready and waiting to go.
0
 
LVL 3

Author Comment

by:southwestsixteen
ID: 39597126
Thanks for the advice guys. We currently have the self signed and are able to connect emails to our phones with Activesync (by just ignoring the security error). Will this still be the case in Exchange 2013?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 13

Expert Comment

by:Mark Galvin
ID: 39597169
yes
0
 
LVL 6

Expert Comment

by:vmdude
ID: 39597176
OWA will work, but I'm not sure 100% with phone devices. Some will not allow you to continue without a certificate that the device trusts.
If you are planning the use ActiveSync then I would still advise that it is worth investing the $ in a SAN certificate.
0
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 39599823
you can't use active sync device if you want to then you have to trusted certificate.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Read this checklist to learn more about the 15 things you should never include in an email signature.
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

823 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question