Hi
I have windows 2008 R2 Domain and Exchange 2010 . So to use OWA internal, need the Certificate.( without SSL error page)
So how do i setup that?

AS

There is an amazing pack of free network admin tools. click here to download it

Exchange 2010 installation with create a self signed cert issued by the Exchange server itself which you can get to locally using
https://CASserver/owa. However your clients will get a cert warning since it's not inherently trusted. You need to get an external SSL cert with all the required SAN names.
autodiscover.company.com
webmail.company.com
exchangeservername.company.local (optional)

http://exchangeserverpro.com/configure-an-ssl-certificate-for-exchange-server-2010James
Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

There is an amazing pack of free network admin tools. click here to download it

Create the certificate request in IIS console of CAS. Process the request in a CA. Complete the CR in CAS. Edit the site bindings to use the certificate in OWA in IIS. Install the certificate in the clients.Regards from
www.windowsadmin.info
|
www.blog.windowsadmin.info


There is an amazing pack of free network admin tools. click here to download it

Exchange 2010 installation with create a self signed cert issued by the Exchange server itself which you can get to locally using
https://CASserver/owa. However your clients will get a cert warning since it's not inherently trusted. You need to get an external SSL cert with all the required SAN names.
autodiscover.company.com
webmail.company.com
exchangeservername.company.local (optional)

http://exchangeserverpro.com/configure-an-ssl-certificate-for-exchange-server-2010James
Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

There is an amazing pack of free network admin tools. click here to download it

Create the certificate request in IIS console of CAS. Process the request in a CA. Complete the CR in CAS. Edit the site bindings to use the certificate in OWA in IIS. Install the certificate in the clients.Regards from
www.windowsadmin.info
|
www.blog.windowsadmin.info


Need to support users over the internet? click here try our remote control online beta

Hi All,
I got one Exchange servr with all in one. And i got the SSL for rest but not for "exchangeservername.company.local" So do i have to install
AD CS on PDC and issued the certificate? this is the part i stuck? or get the wildcard SSL for everything?

AS

There is an amazing pack of free network admin tools. click here to download it

Don't worry if you didnt add exchangeservername.company.local. What do you mean do you have to install AD CS on PDC and issue cert? Did you get the cert from a third party ie godaddy, verisign etc? If so you need to finish off the request from the Exchange
server. Yes you can use wildcard but those are typically more expensive and they require a bit more tweaking to get certain services to work.James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

There is an amazing pack of free network admin tools. click here to download it

Hi All,
And i got the SSL for rest but not for "exchangeservername.company.local" So do i have to install AD CS on PDC and issued the certificate? this is the part i stuck? or get the wildcard SSL for everything?

Hi AS,
Do you mean you got a 3rd party SSL certificate but not for "exchangeservername.company.local", however, you want your internal users to access OWA via

https://exchangeservername.company.local/owa?

If yes, and since end user only use OWA internally, a certificate issued by internal CA is enough(domain-joined clients will trust internal root CA automatically).
You can follow the below link:
How to Issue a SAN Certificate to Exchange Server 2010 from a Private Certificate Authority

http://exchangeserverpro.com/how-to-issue-a-san-certificate-to-exchange-server-2010-from-a-private-certificate-authority

If you want to use 3rd party certificate, you have to contact the certificate issuer to renew the certificate.
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
tnmff@microsoft.com.
Frank Wang
TechNet Community Support

Need to support users over the internet? click here try our remote control online beta

Hi All,
And i got the SSL for rest but not for "exchangeservername.company.local" So do i have to install AD CS on PDC and issued the certificate? this is the part i stuck? or get the wildcard SSL for everything?

Hi AS,
Do you mean you got a 3rd party SSL certificate but not for "exchangeservername.company.local", however, you want your internal users to access OWA via

https://exchangeservername.company.local/owa?

If yes, and since end user only use OWA internally, a certificate issued by internal CA is enough(domain-joined clients will trust internal root CA automatically).
You can follow the below link:
How to Issue a SAN Certificate to Exchange Server 2010 from a Private Certificate Authority

http://exchangeserverpro.com/how-to-issue-a-san-certificate-to-exchange-server-2010-from-a-private-certificate-authority

If you want to use 3rd party certificate, you have to contact the certificate issuer to renew the certificate.
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
tnmff@microsoft.com.
Frank Wang
TechNet Community Support

Need to support users over the internet? click here try our remote control online beta

Hi AS,
Any updates?Frank Wang
TechNet Community Support

There is an amazing pack of free network admin tools. click here to download it