I definitely would NOT pay for a cert for Exchange... roll your own, write a little guide on how to install the CA cert... and if you're really keen on improving their behaviour, tell them how to verify the fingerprint on the CA cert before they install it. The only time this is a bit more painful is when you're getting MS-based PDAs to talk to Exchange over SSL (you must get your CA cert onto those for it to work).

Once upon a time I used OpenSSL to make better authentication certs than Windows would (coz of the US crypto-export regs), but nowadays I'd stick with Cert Services for most Windows scenarios.
Any chance someone can give me a guide to roll out our own?
Thanks, Nick
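
The fingerprint check suggested in the first post, as an added PowerShell example that is not part of the original thread: it hashes the decoded CA certificate and installs it only if the result matches a fingerprint the user received out-of-band. The file name `example-ca.cer`, the placeholder fingerprint and both function names are assumptions.

```powershell
# Added example: verify a CA certificate's fingerprint before trusting it.
# Function names, file name and expected fingerprint are hypothetical.

function Get-CertFingerprint {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [ValidateSet('SHA1', 'SHA256')] [string] $Algorithm = 'SHA256'
    )
    # X509Certificate2 reads both DER and Base64-encoded .cer files, so the
    # hash covers the decoded certificate rather than the raw file bytes.
    $file = (Resolve-Path $Path).ProviderPath
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $file
    if ($Algorithm -eq 'SHA1') {
        $hasher = [System.Security.Cryptography.SHA1]::Create()
    } else {
        $hasher = [System.Security.Cryptography.SHA256]::Create()
    }
    try {
        $digest = $hasher.ComputeHash($cert.RawData)
    } finally {
        $hasher.Dispose()
    }
    return ([System.BitConverter]::ToString($digest) -replace '-', '')
}

function Test-CertFingerprint {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $Expected
    )
    # Accept "AB:CD", "ab cd" or "ABCD"; this also drops invisible characters
    # that can come along when a thumbprint is copied from a dialog.
    $want = ($Expected -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
    $algorithm = switch ($want.Length) {
        40      { 'SHA1' }     # the "Thumbprint" Windows displays
        64      { 'SHA256' }
        default { throw 'Expected fingerprint must be 40 (SHA-1) or 64 (SHA-256) hex digits.' }
    }
    return (Get-CertFingerprint -Path $Path -Algorithm $algorithm) -eq $want
}

# Usage: the fingerprint must come from a channel other than the one that
# delivered the certificate (phone call, printed guide, intranet page).
$caFile    = '.\example-ca.cer'                     # placeholder path
$published = '<fingerprint obtained out-of-band>'   # placeholder value
if ((Test-Path $caFile) -and (Test-CertFingerprint -Path $caFile -Expected $published)) {
    Import-Certificate -FilePath $caFile -CertStoreLocation Cert:\CurrentUser\Root
} else {
    Write-Warning "CA certificate missing or fingerprint mismatch: not installing $caFile"
}
```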