Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

TLS connection on Mail server

Posted on 2016-09-13
8
Medium Priority
?
99 Views
Last Modified: 2016-09-14
For mail server to establish TLS, do I need to install a certfiicate on the server ?

thx
0
Comment
Question by:AXISHK
8 Comments
 
LVL 7

Expert Comment

by:Ned Ramsay
ID: 41797190
Unfortunately yes.
You can use an Internal Windows CA but only if you have one setup in active directory.
0
 

Author Comment

by:AXISHK
ID: 41797195
Can i generate a self certficate in the server for this purpose ?

Thx
0
 
LVL 17

Expert Comment

by:Todd Nelson
ID: 41797262
Yes, you need a certificate for TLS.  If you are using for something like Office 365 it cannot be a self signed certificate.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:AXISHK
ID: 41797266
We own our Exchange 2010. If I use the self certificate, will TLS be established with other side ?

Thx
0
 
LVL 7

Assisted Solution

by:Ned Ramsay
Ned Ramsay earned 800 total points
ID: 41797287
It will work for connecting through TLS from your client workstations/phones etc.

TLS to another mail server no. The receiving mailserver has no way of knowing if it is genuine if you dont have a recognized CA cert.

I had to do something like this recently to encrypt legal data between two companies.
0
 

Author Comment

by:AXISHK
ID: 41797299
can Exchange use other connection for mail transmission in case TLS can't be established ?

Can you share how to setup the TLS on the Exchange ?

Thx
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 1200 total points
ID: 41798832
Exchange does Opportunist TLS - so it will fall back to plain SMTP if TLS cannot be done. There is nothing to setup to do that.
You only need to change the configuration if you want to use Mutual TLS (basically use TLS or drop the connection).

Do you not have a trusted SSL certificate on Exchange already? It is pretty much mandatory for Exchange to have a trusted SSL certificate if you have external clients. The self signed certificates are not supported for use with Outlook Anywhere and ActiveSync.

When you can get a suitable certificate for less than $60, trying to get a self signed certificate to work is a false economy.
1
 

Author Closing Comment

by:AXISHK
ID: 41799017
Thx
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question