TLS connection on Mail server

For mail server to establish TLS, do I need to install a certfiicate on the server ?

thx
AXISHKAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Simon Butler (Sembee)Connect With a Mentor ConsultantCommented:
Exchange does Opportunist TLS - so it will fall back to plain SMTP if TLS cannot be done. There is nothing to setup to do that.
You only need to change the configuration if you want to use Mutual TLS (basically use TLS or drop the connection).

Do you not have a trusted SSL certificate on Exchange already? It is pretty much mandatory for Exchange to have a trusted SSL certificate if you have external clients. The self signed certificates are not supported for use with Outlook Anywhere and ActiveSync.

When you can get a suitable certificate for less than $60, trying to get a self signed certificate to work is a false economy.
1
 
Ned RamsayNetwork Operations ManagerCommented:
Unfortunately yes.
You can use an Internal Windows CA but only if you have one setup in active directory.
0
 
AXISHKAuthor Commented:
Can i generate a self certficate in the server for this purpose ?

Thx
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Todd NelsonSystems EngineerCommented:
Yes, you need a certificate for TLS.  If you are using for something like Office 365 it cannot be a self signed certificate.
0
 
AXISHKAuthor Commented:
We own our Exchange 2010. If I use the self certificate, will TLS be established with other side ?

Thx
0
 
Ned RamsayConnect With a Mentor Network Operations ManagerCommented:
It will work for connecting through TLS from your client workstations/phones etc.

TLS to another mail server no. The receiving mailserver has no way of knowing if it is genuine if you dont have a recognized CA cert.

I had to do something like this recently to encrypt legal data between two companies.
0
 
AXISHKAuthor Commented:
can Exchange use other connection for mail transmission in case TLS can't be established ?

Can you share how to setup the TLS on the Exchange ?

Thx
0
 
AXISHKAuthor Commented:
Thx
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.