+ Post New Thread
Results 1 to 10 of 10
How do you do....it? Thread, Outlook Web Access Certificate in Technical; Gahhh! Okay so here's the problem: We've set up exchange and got outlook web access and all that lovely stuff. ...
  1. #1
    Friez's Avatar
    Join Date
    Dec 2006
    Posts
    839
    Thank Post
    22
    Thanked 22 Times in 21 Posts
    Rep Power
    23

    Outlook Web Access Certificate

    Gahhh!

    Okay so here's the problem: We've set up exchange and got outlook web access and all that lovely stuff. We've made our own temporary certificate which of course makes IE scream 'ITS DANGEROUS JIM, DONT CLICK IT'. Of course, everyone must accept the certificate in order to get into their mail.

    Well, I've been tasked in getting a genuine certificate for the server to shut up this message, except I'm not entirely sure of:

    a) What certificate to get *exactly*
    b) How to go about installing it (although this is not the big kicker).



    Here's our incredibly fubar setup:

    Our Internal Mail Server uses a smart host at SWGfL for delivery.

    Our outfacing website (.org) REDIRECTS to a subdomain of our SWGfL website (.sch.uk) which is bound to the IP of our OWA webserver.

    Our email addresses all use the domain name of the outfacing website.

    RIGHT! So what certificate must we install onto our mail server in order to have it all work from our .org site?

    Do I use the domain name of the .org, or the .sch.uk or something else?

    *headache*

    Many thanks in advance.

  2. #2
    apeo's Avatar
    Join Date
    Sep 2005
    Location
    Lost
    Posts
    1,612
    Thank Post
    95
    Thanked 115 Times in 111 Posts
    Rep Power
    42
    You may find this useful:

    Create your own CA

    To answer your question, i would say the sch.uk one as your org one redirects to the sch.uk so your actual url is sch.uk

  3. Thanks to apeo from:

    Friez (2nd June 2008)

  4. #3

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,645
    Thank Post
    895
    Thanked 1,314 Times in 798 Posts
    Blog Entries
    1
    Rep Power
    444
    Buy for the .sch.uk domain imho.
    Do you use OMA/Activsync?
    If the url of the OWA is on the sch.uk domain then you need that server secured. Getting this setup can be simple and it can be hell.
    What kind of firewall/proxy do you use that sits between OWA and the internet?

  5. Thanks to ZeroHour from:

    Friez (2nd June 2008)

  6. #4
    Friez's Avatar
    Join Date
    Dec 2006
    Posts
    839
    Thank Post
    22
    Thanked 22 Times in 21 Posts
    Rep Power
    23
    We don't use activsync or anything like that, just basic OWA access to their email. The systems not fully in place yet (the majority are still using easymail) but we hope to roll over soon!

    I don't think we'll have much problem with firewalls or the like, it's just knowing which domain name to register the certificate for since theres so many blasted domains in the equation

  7. #5

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,645
    Thank Post
    895
    Thanked 1,314 Times in 798 Posts
    Blog Entries
    1
    Rep Power
    444
    It depends, if you were say using ISA 2004+ and using exchange publishing then yeh it makes a difference.
    We bought our certificate through GeoTrust and it was a QuickSSL Premium which has the correct root certificates so mobile devices would work as well.
    If you dont need this then comodo are one of the cheapest and biggest.
    We had a couple of issues getting the companies to issue certificates though due to whois problems.

    Also note you can not change the url and external ip once you buy a cert fyi.

  8. #6
    binky's Avatar
    Join Date
    Sep 2006
    Posts
    290
    Thank Post
    1
    Thanked 19 Times in 16 Posts
    Rep Power
    0
    We use ipsCA its trusted, so mobile devices work and you don't get that certificate error / warning. You shouldn't need an EV Certificate either.

    and I bet I can beat all your prices (here's the best bit)....

    ipsCA is free for schools!

  9. Thanks to binky from:

    tri_94 (6th June 2008)

  10. #7
    joe90bass's Avatar
    Join Date
    Oct 2007
    Location
    S Wales
    Posts
    1,349
    Thank Post
    322
    Thanked 107 Times in 96 Posts
    Rep Power
    50
    Quote Originally Posted by ZeroHour View Post
    It depends, if you were say using ISA 2004+ and using exchange publishing then yeh it makes a difference.
    We bought our certificate through GeoTrust and it was a QuickSSL Premium which has the correct root certificates so mobile devices would work as well.
    If you dont need this then comodo are one of the cheapest and biggest.
    We had a couple of issues getting the companies to issue certificates though due to whois problems.

    Also note you can not change the url and external ip once you buy a cert fyi.
    Digging up an old thread here. Has anyone used comodo? I've just ordered a cert from them and then found out that they require photo ID, (I didn't see this mentioned when I read through their site) they will only accept senior management photo ID and not surprisingly our head is not happy to do this, can't see any others being either! As a NM I'm too lowly a being for them to accept my ID......

  11. #8
    pooley's Avatar
    Join Date
    Sep 2005
    Location
    S Wales
    Posts
    1,129
    Thank Post
    77
    Thanked 118 Times in 99 Posts
    Rep Power
    66
    Quote Originally Posted by joe90bass View Post
    Digging up an old thread here. Has anyone used comodo? I've just ordered a cert from them and then found out that they require photo ID, (I didn't see this mentioned when I read through their site) they will only accept senior management photo ID and not surprisingly our head is not happy to do this, can't see any others being either! As a NM I'm too lowly a being for them to accept my ID......
    Ditch them m8 and go with ipsCA works fine here and has been posted its entirely free

  12. #9
    joe90bass's Avatar
    Join Date
    Oct 2007
    Location
    S Wales
    Posts
    1,349
    Thank Post
    322
    Thanked 107 Times in 96 Posts
    Rep Power
    50
    I tried signing up and never heard back from them. Will have to try again!

    See you on the 3rd!

  13. #10
    pooley's Avatar
    Join Date
    Sep 2005
    Location
    S Wales
    Posts
    1,129
    Thank Post
    77
    Thanked 118 Times in 99 Posts
    Rep Power
    66
    If I remember right, you have to have an admin@ email address

SHARE:
+ Post New Thread

Similar Threads

  1. Sharepoint Outlook Web Access
    By wesleyw in forum Windows
    Replies: 3
    Last Post: 20th October 2008, 12:18 PM
  2. Outlook Web Access trial
    By amacken in forum Windows
    Replies: 15
    Last Post: 6th September 2008, 10:20 AM
  3. Outlook Web Access Problem
    By coop1984 in forum Windows
    Replies: 16
    Last Post: 28th April 2008, 01:02 PM
  4. Outlook Web Access issue
    By JAW$ in forum Windows
    Replies: 2
    Last Post: 19th March 2008, 02:32 PM
  5. New users can't log in to Outlook Web Access
    By WithoutMotive in forum Windows
    Replies: 5
    Last Post: 7th September 2007, 11:17 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •