Solved

How do you determine is an SSL certificate is still needed

Posted on 2016-10-16
8
51 Views
Last Modified: 2016-10-16
We have a renewal coming up from GoDaddy on owa.spcala.com SSL certificate.   We used to use that for accessing our internal Exchange server from the web.   We now use Office 365 for email.   Do we still need this site to have a certificate.
0
Comment
Question by:jrsitman
  • 4
  • 4
8 Comments
 
LVL 15

Expert Comment

by:Ivan
ID: 41845706
Hi,

if you have migrated from Exchange to Office 365, and you have decommissioned/ removed exchange from your organization, then there should not be any reason for cert renewal.

I guess that on that certificate, you have more names then just owa.spcala.com? Usually owa and autodiscover are used for exchange. If you have some additional names, then maybe that certificated is used for some other services, like sharepoint, lync and such.
Check the names on it, and then determine where are they pointing to, via public DNS. That should tell you if they are in use.

Regards,
Ivan.
1
 

Author Comment

by:jrsitman
ID: 41845724
Thanks.   The name pointing to exchange.spcala.com we don't need.   What would the autodiscover.spcala.com possibly be used for?   spcala.com is our website.
0
 
LVL 15

Accepted Solution

by:
Ivan earned 500 total points
ID: 41845828
Hi,

autodiscover.spcala.com is used for automatic configuration of Outlook and email on mobile devices.
Since you are using Office 365 now, then that record is most likely pointing to Office 365, and you don't need it anymore.. but do check where it is pointing :)

Regards,
Ivan.
1
 

Author Comment

by:jrsitman
ID: 41845842
Can you tell me how to test where it is pointing?
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 15

Expert Comment

by:Ivan
ID: 41845900
You can use ping autodiscover.spcala.com

It says that it is pointing to autodiscover-emeacenter4.outlook.com. So this is Microsoft, not your local server.
0
 

Author Comment

by:jrsitman
ID: 41845902
ok.  That means we need it.

Thanks
0
 
LVL 15

Assisted Solution

by:Ivan
Ivan earned 500 total points
ID: 41845940
Hi,

no, it means that you don't need it.
If that record would point to your server, then you would need it, since when client connects, the certificate would be presented.
In your situation, record is pointing to Office 365, so you don't need it. You need the DNS record, but not the certificate it self.
0
 

Author Comment

by:jrsitman
ID: 41845975
ah, thanks
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
how to add IIS SMTP to handle application/Scanner relays into office 365.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now