Hello everyone, I'm setting up a mail system Exchange 2010 with SP3 and last RU.

I have thought to use for external connections with OWA, ActiveSync and IMAP4.
For internal client connections I will use OWA, Oulook (versions 2003/2007) and POP3.

In the installation, the system generates a self-signed certificate me, but not if this certificate is valid to configure ActiveSync connections.

Is the self-signed certificate installed by default on Exchange 2010 system is valid for customers configure connections with ActiveSync?

Nope. Unless you want each user to have to install it manually. Use a 3rd party cert. (Digicert, GoDaddy, etc...). THese are automatically trusted for the most part.

Hi Yupikaiey,

Thank you for your question.

I agree with Andy.

This self-signed certificate will allow some client protocols to use SSL for their communications. Exchange ActiveSync and Outlook Web App can establish an SSL connection by using a self-signed certificate. Outlook Anywhere won't work with a self-signed certificate on the Client Access server. Self-signed certificates must be manually copied to the trusted root certificate store on the client computer or mobile device. When a client connects to a server over SSL and the server presents a self-signed certificate, the client will be prompted to verify that the certificate was issued by a trusted authority. The client must explicitly trust the issuing authority. If the client confirms the trust, then SSL communications can continue.

We could refer to the following link:

https://technet.microsoft.com/en-us/library/dd351044%28v=exchg.150%29.aspx

If there are any questions regarding this issue, please be free to let me know.

Best Regard,

Jim