?
Solved

Self signed certificate on Exchange 2013

Posted on 2013-10-24
6
Medium Priority
?
736 Views
Last Modified: 2013-10-29
Hi,

I am in the process of doing an Exchange 2007 to 2013 migration. On our current 2007 environment we are just using a self signed certificate as we don't use Outlook Anywhere. We do use OWA but we just have the DNS entry for OWA pointing to the Exchange server and users don't mind clicking through the security alert to get to the login page.

In Exchange 2013 is it fine to run it like this with just the self signed certificate or do we need to buy a SAN or wildcard certificate?

The current users are running Outlook 2010 on Windows XP and Windows 7.
0
Comment
Question by:southwestsixteen
6 Comments
 
LVL 13

Expert Comment

by:Mark Galvin
ID: 39596995
You can continue with the self signed cert but, as you probably know, its not the recommended way.

Thanks
Mark
0
 
LVL 6

Accepted Solution

by:
vmdude earned 2000 total points
ID: 39597005
If possible I would always go with a SAN certificate. There are arguments for and against wildcards, but I'm a fan of the SAN :)

Yes you can function with a self-signed certificate but you can get SAN certificates relativity cheaply these days and this will ensure that you are configured to best practice and, should the need arise that you need to use either OWA, Outlook Anywhere or ActiveSync, then you have the certificate all ready and waiting to go.
0
 
LVL 3

Author Comment

by:southwestsixteen
ID: 39597126
Thanks for the advice guys. We currently have the self signed and are able to connect emails to our phones with Activesync (by just ignoring the security error). Will this still be the case in Exchange 2013?
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 13

Expert Comment

by:Mark Galvin
ID: 39597169
yes
0
 
LVL 6

Expert Comment

by:vmdude
ID: 39597176
OWA will work, but I'm not sure 100% with phone devices. Some will not allow you to continue without a certificate that the device trusts.
If you are planning the use ActiveSync then I would still advise that it is worth investing the $ in a SAN certificate.
0
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 39599823
you can't use active sync device if you want to then you have to trusted certificate.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Ever faced an issue with Microsoft Outlook? If you’ve been working long enough with this popular emailing platform, you’ve probably faced more than one issue. Like to restore ScanPST.exe .bak file. Here in this post we will discuss the methods to re…
How to Import Outlook PST file to Exchange Server Mailbox without Powershell and Exchange Admin Center. Use SysTools Exchange Import Tool to Move PST file in Exchange 2016 / 13 / 10/ 07 Server Mailbox including Contacts, Calendar, Task and journal d…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
This video tutorial shows you the steps to go through to set up what I believe to be the best email app on the android platform to read Exchange mail.  Get the app on your phone: The first step is to make sure you have the Samsung Email app on your …

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question