Solved

Exchange 2010 certificate

Posted on 2013-11-09
9
268 Views
Last Modified: 2013-11-25
I believe Exchange server 2010 requires certificate for OWA…I am not sure if it requires certificate for internal usage.

in either case if there are already certificates installed for OWA as well as for internal usage, where can I check that, and also wonder if they expire at certain time, or once you install them , they are forever..??

Thank you
0
Comment
Question by:jskfan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 15

Assisted Solution

by:Skyler Kincaid
Skyler Kincaid earned 100 total points
ID: 39636509
If you want to use OWA external without the the cert error and if you would like to have anyone be able to set there email up on their phones or use Outlook externally you need to get a UCC cert. They will run you around $500 and that will be good for a year. Sometimes you can get discounts if you buy the 3 year certs but usually they are still the one year price times 3.

You would need to check it from IIS.

http://technet.microsoft.com/en-us/library/cc754686(v=ws.10).aspx

Have you ever bought or applied a cert before?
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 200 total points
ID: 39636606
Is your internal and external OWA URLs are same ?
Normally internal and external OWA urls are different.
When you install CAS role, Exchange automatically create X.509 SSL server certificate for you with server FQDN as certificate common name.
Since most of the organizations make custom internal OWA URL, this default certificate will work with warning message.
In order to get rid of this message, you can install Windows internal AD integrated Certificate authority or can use existing one if you have and generate required SSL cert for your internal OWA url.
The expiry period of this certificate depends upon what you have set on CA server.
All OWA certificates can be located at certificate personnel store or
through Exchange MMC\server configuration\CAS Server
Hope that helps
0
 
LVL 6

Assisted Solution

by:iradatsiddiqui
iradatsiddiqui earned 100 total points
ID: 39636673
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 10

Assisted Solution

by:Vijaya Babu Sekar
Vijaya Babu Sekar earned 100 total points
ID: 39638137
No, Based on the exchange version. have some validity, for eg: if you installed Exchange 2010 SP1 it will be valid for 5 years. then you need create new certificate. if you dont want external use. you dont create any ssl certificate.

if you want to use external. you should create, import and enabled the certificate for OWA, Active sync, outlook any where,

You can refer the below article, it will useful for create the SSL certificate for external
http://www.digicert.com/ssl-certificate-installation-microsoft-exchange-2010.htm

Thanks.
0
 

Author Comment

by:jskfan
ID: 39640506
yes ...Internal and external URLs for OWA are the same
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39640977
In that case you don't required additional certificates.
You can have single Public SSL cert with required Subject alternative names (SAN) and bind all Exchange services to that certificate.
If you wanted to use different url for internal network, then you need to create additional SSL cert from Internal CA server.
Also you need to create additional CAS VIP OR additional OWA virtual directory which can bind internal SSL cert.
0
 

Author Comment

by:jskfan
ID: 39642548
in my case, Internal and external URLs for OWA are the same .

where in Exchange can I check the Certificate and the date of its expiration ?
0
 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 200 total points
ID: 39642773
0
 

Author Closing Comment

by:jskfan
ID: 39676331
Thanks
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people use more than one email account and so it becomes difficult for them to manage them when they use separate accounts,  so, in this article, I have shared an easy way to add Other Mail Accounts in your Google Inbox. It helps to combine all…
When you have clients or friends from around the world, it becomes a challenge to arrange a meeting or effectively manage your time. This is where Outlook's capability to show 2 time zones in one calendar comes in handy.
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question