Is PKI a Requirement to Run Exchange 2010?

  • Thread starter bfatwow
  • Start date Views 523
Not open for further replies.


Can we implement an Exchange 2010 environment without implementing PKI? Or will 2010 just not work without it?


PKI is not required. During the install Exchange 2010 created self-signed certificates to handle any needed encryption out of the box. I would recommend switching the CAS cert with a public certificate to alleviate client pop-ups for OWA, EAS, etc.

AndyD_ [MVP]

That depends. If you are using Outlook 2010 or Communicator or any other client ( other than Outlook 2007) that works against the CAS, using internal PKI or 3rd party certificates that all clients trust is a must. Do yourself a favor and do not use the Exchange self-signed certs.

I have seen this myself and have a number of people report the same. Outlook 2010 will throw an error if using the Exchange 2010 self-signed certificate that is installed during installation.
Not open for further replies.