Not certain but I may have answered my own question by reviewing NetScaler's documentation. They mention that the certificates have to be imported from Exchange. So I am assuming that we'd still be left with having to maintain them on the Exchange servers. Again, if anyone has anything to offer on this, by all means, let me know. Thanks again....

We use NetScalers to load balance webmail/activesync requests for our Exchange 2007 environment. We've recently run into an issue where users were getting disconnected to Exchange using OA, either on or off of VPN. It turned out that there were a couple settings within the NetScalers causing the issue. However, a discussion has come up about letting the NetScalers handle SSL offloading. One of my colleagues commented that if we get SSL decryption off Exchange that this eliminates the need to update the certificates on the Exchange server. I don't believe that his comment is correct. To me, whether the NetScalers handle all SSL decryption or not, certificates would still have to be maintained. Unfortunately, I'm having trouble providing a convincing explanation. From past experience, certificates were always updated on Exchange regardless of SSL offloading. I just have a gut feeling that the comment is not correct. If anyone has any thoughts on this, please let me know...thanks in advance for any response

Not certain but I may have answered my own question by reviewing NetScaler's documentation. They mention that the certificates have to be imported from Exchange. So I am assuming that we'd still be left with having to maintain them on the Exchange servers. Again, if anyone has anything to offer on this, by all means, let me know. Thanks again....