Solved

Exchange 2010 certificate

Posted on 2013-11-09
9
261 Views
Last Modified: 2013-11-25
I believe Exchange server 2010 requires certificate for OWA…I am not sure if it requires certificate for internal usage.

in either case if there are already certificates installed for OWA as well as for internal usage, where can I check that, and also wonder if they expire at certain time, or once you install them , they are forever..??

Thank you
0
Comment
Question by:jskfan
9 Comments
 
LVL 15

Assisted Solution

by:Skyler Kincaid
Skyler Kincaid earned 100 total points
ID: 39636509
If you want to use OWA external without the the cert error and if you would like to have anyone be able to set there email up on their phones or use Outlook externally you need to get a UCC cert. They will run you around $500 and that will be good for a year. Sometimes you can get discounts if you buy the 3 year certs but usually they are still the one year price times 3.

You would need to check it from IIS.

http://technet.microsoft.com/en-us/library/cc754686(v=ws.10).aspx

Have you ever bought or applied a cert before?
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 200 total points
ID: 39636606
Is your internal and external OWA URLs are same ?
Normally internal and external OWA urls are different.
When you install CAS role, Exchange automatically create X.509 SSL server certificate for you with server FQDN as certificate common name.
Since most of the organizations make custom internal OWA URL, this default certificate will work with warning message.
In order to get rid of this message, you can install Windows internal AD integrated Certificate authority or can use existing one if you have and generate required SSL cert for your internal OWA url.
The expiry period of this certificate depends upon what you have set on CA server.
All OWA certificates can be located at certificate personnel store or
through Exchange MMC\server configuration\CAS Server
Hope that helps
0
 
LVL 6

Assisted Solution

by:iradatsiddiqui
iradatsiddiqui earned 100 total points
ID: 39636673
0
 
LVL 10

Assisted Solution

by:Vijaya Babu Sekar
Vijaya Babu Sekar earned 100 total points
ID: 39638137
No, Based on the exchange version. have some validity, for eg: if you installed Exchange 2010 SP1 it will be valid for 5 years. then you need create new certificate. if you dont want external use. you dont create any ssl certificate.

if you want to use external. you should create, import and enabled the certificate for OWA, Active sync, outlook any where,

You can refer the below article, it will useful for create the SSL certificate for external
http://www.digicert.com/ssl-certificate-installation-microsoft-exchange-2010.htm

Thanks.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:jskfan
ID: 39640506
yes ...Internal and external URLs for OWA are the same
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39640977
In that case you don't required additional certificates.
You can have single Public SSL cert with required Subject alternative names (SAN) and bind all Exchange services to that certificate.
If you wanted to use different url for internal network, then you need to create additional SSL cert from Internal CA server.
Also you need to create additional CAS VIP OR additional OWA virtual directory which can bind internal SSL cert.
0
 

Author Comment

by:jskfan
ID: 39642548
in my case, Internal and external URLs for OWA are the same .

where in Exchange can I check the Certificate and the date of its expiration ?
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 200 total points
ID: 39642773
0
 

Author Closing Comment

by:jskfan
ID: 39676331
Thanks
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now