+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 20 of 20
Enterprise Software Thread, Installed SSL certificate for OWA, but Outlook is trying to use it internally in Technical; Originally Posted by sidewinder Yes but we're an independent school, would they still issue one? Yep any educational institution for ...
  1. #16
    pritchardavid's Avatar
    Join Date
    Sep 2009
    Location
    South Ockendon, Thurrock, United Kingdom
    Posts
    932
    Thank Post
    18
    Thanked 64 Times in 58 Posts
    Rep Power
    25
    Quote Originally Posted by sidewinder View Post
    Yes but we're an independent school, would they still issue one?

    Yep any educational institution

    for a san cert, you need to create the the cert request (so for you in exchange with at the end of the wizard you should have all you san names)

    apply for the cert order order, has soon as soon as you get your cert order email with the order number make a support ticket and state you would like a free san cert and write down the following san name you need along with your order number.
    Last edited by pritchardavid; 3rd February 2012 at 08:54 AM.

  2. #17
    chazzy2501's Avatar
    Join Date
    Jan 2008
    Location
    South West
    Posts
    1,774
    Thank Post
    213
    Thanked 263 Times in 213 Posts
    Rep Power
    67
    help, I'm about to make a cert request but need some pointers on the last few fields. I've half filled it in but I think I need to make an ldap request to make sure I fill in the last few fields correctly.

    Code:
    New-ExchangeCertificate -GenerateRequest -DomainName bemail.beaminster.dorset.sch.uk, autodiscover.beaminster.dorset.sch.uk,  exchange.dcc-sch-4505.local, exchange -FriendlyName beaminsterschexchange -KeySize 1024 -PrivateKeyExportable:$True -SubjectName "c=US o=contoso inc, CN=server01.contoso.com" -Path c:\certrequest.txt
    c should equal UK?
    o ? I can't find organisation in Active directory?
    cn should equal the servers local or public name?


    external name bemail.beaminster.dorset.sch.uk
    internal name exchange.dcc-sch-4505.local

    I don't have the autodiscover service working (I think) but I don't see the harm in including it. All my 2003 and 2010 outlook clients work fine as do the owa clients. I have to set them up by hand but no biggie.
    Last edited by chazzy2501; 8th April 2013 at 10:41 AM.

  3. #18
    pritchardavid's Avatar
    Join Date
    Sep 2009
    Location
    South Ockendon, Thurrock, United Kingdom
    Posts
    932
    Thank Post
    18
    Thanked 64 Times in 58 Posts
    Rep Power
    25
    Personally I would not do it this way. I would advise you if you haven't all ready is to add "beaminster.dorset.sch.uk" as a DNS zone in your internal DNS server(s). Add the bemail as a A Record in that zone. You can then configure your Exchange server to use the same name internally and externally (bemail.beaminster.dorset.sch.uk), this will make it a ton easier being the same. Personally to make sure you have not gone wrong with powershell code, you can create the SSL cert the the Exchange console.
    Last edited by pritchardavid; 8th April 2013 at 11:30 AM.

  4. #19
    chazzy2501's Avatar
    Join Date
    Jan 2008
    Location
    South West
    Posts
    1,774
    Thank Post
    213
    Thanked 263 Times in 213 Posts
    Rep Power
    67
    @pritchardavid Yes, that is the way for single name certs. Which I now realize I have todo as the UC certs are not free

    Do I have to setup a DNS Zone? I can already ping bemail.beaminster.dorset.sch.uk locally and get the local ip address. (and I can RDP to it using bemail)

    This may upset my outlook clients as they connect to exchange.dcc-sch-4505.local ?

    cheers

  5. #20
    pritchardavid's Avatar
    Join Date
    Sep 2009
    Location
    South Ockendon, Thurrock, United Kingdom
    Posts
    932
    Thank Post
    18
    Thanked 64 Times in 58 Posts
    Rep Power
    25
    What is your internal domain? Is it... dcc-sch-4505.local? What did you request/got for your certificate in the end? Advantages of using the internal DNS zone is it quicker (doesn't have to access the I internet to find DNS records)

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Replies: 10
    Last Post: 26th July 2013, 02:20 PM
  2. Free SSL Certificates for JANET connected schools
    By Dos_Box in forum Wireless Networks
    Replies: 25
    Last Post: 29th April 2013, 03:26 PM
  3. Replies: 2
    Last Post: 25th November 2010, 12:50 PM
  4. SSL Certificates for Exchange 2007
    By jdibsdale in forum Windows
    Replies: 14
    Last Post: 29th May 2009, 06:40 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •