Exchange 2013 - new mailbox server - certificates?

Do I need to worry about this or does the install do it for me anyway?

I can see 3 self-signed certificates on the existing mailbox servers.
LVL 1
paulfoelAsked:
Who is Participating?
 
AndyConnect With a Mentor It ConsultantCommented:
When Exchange Server 2013 is installed, a self-signed certificate is created during the installation process and that certificate is assigned to all services provided by Exchange Server.

If you have servers running different roles in Exchange Server 2013, you just need to worry about the Client Access Server role since that is the role that is going to be used for the client communications.

Since we know that all Certificates will be on the CAS portion, it is nice to know that services using the certificate that we are managing are all services that rely on IIS (OWA, EAC, Web Services, Active Sync, Outlook Anywhere, Autodiscover and OAB), legacy protocols such as POP and IMAP, and SMTP for TLS.
0
 
paulfoelAuthor Commented:
Great. Just a mailbox server (or will be when I do it properly this time)!
0
 
jmac44Commented:
That depends. Not having one will not change the way Exchange performs or deliver mail. You can get by with self signed certificates. If anyone uses OWA the browser will always complain that the certificate is invalid. But as long as everyone in your organization is aware of it and excepts it there shouldn't be a problem. Certificates are not that expensive anymore and it's usually worth the cost to get one through a CA rather than go through all the hassle. There is also a way to set up a server of your own to be a CA but I don't have the specks on that.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.