Internet Related/Filtering/Firewall Thread, SSL Certs with no intermediate stuff in Technical; Not really delt with Certs much but I thought it'd be nice to offer SSL over OWA ) I need ...
31st May 2012, 01:10 PM #1
SSL Certs with no intermediate stuff
Not really delt with Certs much but I thought it'd be nice to offer SSL over OWA ) I need to buy a cert but I'd rather not have the additional pain of using intermediate certs.
btw is it worth getting a wildcard cert? or is it a service?
Plus if anyone has a nice clear guide on using certs with exchange 2007 that'd be nice to. (I know enough to refresh my Self certs but thats it)
31st May 2012, 01:16 PM #2
for exchange you will need a SAN cert and include the internal name of your Exchange server. If you dont your outlook clients will give your certificate errors. You can use a wildcard and do this with Exchange but i am not sure if it is supported.
31st May 2012, 01:41 PM #3
Oh? I cant just get a cert for the IIS and leave the rest self cert?
31st May 2012, 01:54 PM #4
You can, OWA just uses IIS, so you can use a 3rd party cert for simplcity.
31st May 2012, 01:55 PM #5
Erm i have a feeling you cant in exchange @sukh might know
31st May 2012, 02:40 PM #6
You can use a non SAN cert in exchange but you must use split DNS and mess with the autodiscover and other internal URLs to make them all use the same domains internally and externally.
31st May 2012, 03:32 PM #7
For simplicity, get a 3rd part cert otherwsie end users will get cert prompts. If you do get a 3rd part cert, then you simply assign this to the services you want, i.e IIS, SMTP, IMAP4 etc..
Get the name you want in the cert, make sure to get your common name correct and that's just about it.
1st June 2012, 06:12 AM #8
I would just do it the proper way and get a UCC/SAN cert. We use GoDaddy for this as they are pretty cheap.
This way its the recommended format, it works properly and you dont have to do any special configs.
1st June 2012, 06:58 AM #9
You are going to have to pay a lot more if you don't want an intermediate certificate. I can't see the "pain" being worth the additional cost personally.
Originally Posted by chazzy2501
For a 5 domain 3 year UCC, GoDaddy charge $215.97 (£140.48) whereas DigiCert charge $928 (£603.62). A difference of £463.14!
1st June 2012, 03:32 PM #10
What do you mean additional pain of an intermediate cert? You download it, put it in the intermediate store of your exchange server and voila! done.
6th June 2012, 12:39 PM #11
We use a wildcard certificate to cover our OWA and other external services we provide.
By Ben_Stanton in forum How do you do....it?
Last Post: 29th November 2010, 02:10 PM
Last Post: 4th August 2008, 02:50 PM
By ICTNUT in forum Windows
Last Post: 15th November 2007, 09:35 AM
By mark in forum MIS Systems
Last Post: 6th November 2006, 08:50 PM
By contink in forum How do you do....it?
Last Post: 11th October 2006, 02:44 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)