One of our customers is required to use Perfect Forward Secrecy for his mail server.
What are the requirements to use PFS on SBS2011(based on 2008R2)/Exchange for SMTP?
OWA/Outlook Anywhere/Acitve Sync are not the priority, but it would be nice to cover that too. At least it shouldn't break these features.
Do they need a certificate from a public CA or is a private CA enough? Are there special requirements the certificate has to meet?
What changes are needed in SBS2011 and/or Exchange and/or IIS to use Perfect Forward Secrecy for SMTP?