Solved

Self signed certificate on Exchange 2013

Posted on 2013-10-24
6
701 Views
Last Modified: 2013-10-29
Hi,

I am in the process of doing an Exchange 2007 to 2013 migration. On our current 2007 environment we are just using a self signed certificate as we don't use Outlook Anywhere. We do use OWA but we just have the DNS entry for OWA pointing to the Exchange server and users don't mind clicking through the security alert to get to the login page.

In Exchange 2013 is it fine to run it like this with just the self signed certificate or do we need to buy a SAN or wildcard certificate?

The current users are running Outlook 2010 on Windows XP and Windows 7.
0
Comment
Question by:southwestsixteen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 13

Expert Comment

by:Mark Galvin
ID: 39596995
You can continue with the self signed cert but, as you probably know, its not the recommended way.

Thanks
Mark
0
 
LVL 6

Accepted Solution

by:
vmdude earned 500 total points
ID: 39597005
If possible I would always go with a SAN certificate. There are arguments for and against wildcards, but I'm a fan of the SAN :)

Yes you can function with a self-signed certificate but you can get SAN certificates relativity cheaply these days and this will ensure that you are configured to best practice and, should the need arise that you need to use either OWA, Outlook Anywhere or ActiveSync, then you have the certificate all ready and waiting to go.
0
 
LVL 3

Author Comment

by:southwestsixteen
ID: 39597126
Thanks for the advice guys. We currently have the self signed and are able to connect emails to our phones with Activesync (by just ignoring the security error). Will this still be the case in Exchange 2013?
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 13

Expert Comment

by:Mark Galvin
ID: 39597169
yes
0
 
LVL 6

Expert Comment

by:vmdude
ID: 39597176
OWA will work, but I'm not sure 100% with phone devices. Some will not allow you to continue without a certificate that the device trusts.
If you are planning the use ActiveSync then I would still advise that it is worth investing the $ in a SAN certificate.
0
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 39599823
you can't use active sync device if you want to then you have to trusted certificate.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
You need to know the location of the Office templates folder, so that when you create new templates, they are saved to that location, and thus are available for selection when creating new documents.  The steps to find the Templates folder path are …
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question