New Exchange 2007 setup - OWA question about SSL cert
New Exchange 2007 set up on a SBS 2008 server. What is the simplest way to get rid of the annoying msg for OWA clients about the cert not being valid? I've searched for hours and found all sorts of complicated ways but no simple "step by step" from start to finish. I would like to use Windows CA to generate a cert if possible so I don't have to purchase a 3rd party one (I realize I will have to renew yearly). There's got to be a complete set of instructions out there somewhere? Thanks, John
November 17th, 2011 7:42pm

Thanks Simon for the response and links. So there's no way around purchasing a 3rd party cert? I have seen several articles mention installing Windows CA to generate a cert. Why would they propose that if the OWA clients wouldn't trust them? John
Free Windows Admin Tool Kit Click here and download it now
November 18th, 2011 11:30am

Thanks Simon for the response and links. So there's no way around purchasing a 3rd party cert? I have seen several articles mention installing Windows CA to generate a cert. Why would they propose that if the OWA clients wouldn't trust them? John People are tight and want to save money and will live with the errors. The Windows CA is only an option if you have control over 100% of the clients. Even then they still be a poor choice because of the need to install something on every device. Simon.Simon Butler, Exchange MVP Blog | Exchange Resources | In the UK? Hire Me.
November 18th, 2011 12:49pm

It is a small office and I do have control of the devices. Currently it is about 5 PC's and 5 laptops, and maybe a couple iphones/ipads. They are switching from external Gmail and I suggested OWA to save the cost of buying Outlook for each workstation. The iphones I will set up using the VPN connection to Exchange. Would this setup work with the Win CA generated cert? Thanks again for your help. John
Free Windows Admin Tool Kit Click here and download it now
November 18th, 2011 12:58pm

Yes I agree it is much easier and less of a headache to go with a 3rd party cert. However, if you still wish to go with the internal CA and you have full control over all machines and they are domain joined you could look at configuring a group policy to apply the root CA to each machine.
November 22nd, 2011 8:32am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics