SSL Bindings - External OWA and Internal full Outlook Client Access

Status
Not open for further replies.
F

Farrina



Currently running Exchange 2010RC with 2008R2. Have configured OWA and can access mailbox successfully internally (LAN) and externally (WAN). Also using Full Outlook (2007) internally (LAN)
For OWA

Internal URL is https://ben.teton.wibbleword.com/owa

External URL is https://secure.wibbeword.com/owa

Currently trying out a "new" SSL certificate (issued by valid signing authority) for secure.wibbleword.com

Issue

Have imported new SSL Cert into IIS7

When I change the bindings for site within IIS7 to assign port 443 from default certicate created when installing Exchange to "new" SSL certificate the former security warning (name not matching certificate) when using OWA externally is no longer displayed (expected). However now when using Full Outlook Client internally am now receiving security warning about name not matching - it's expecting ben.teton.wibbleword.com (the original cert) 

As far as I can see I can only bind one certificate to port 443 - is there any way around this so I can negate security warnings when accessing Exchange from both LAN and WAN ?

Cheers

Alan
 
M

Mike Crowley

You should not be using IIS to import the certificate.  Instead use the built-in tool or the  Import-ExchangeCertificate cmdlet.

-----------------------------------------Mike Crowley
Microsoft Certified Technology Specialist (MCTS): Microsoft Exchange Server 2010, Configuration
 
F

Farrina



Mike

Thanks for pointing me in the right direction - shame about the price of Unified Communication/Wild Card Certificates!

Cheers

Alan
 
O

Oren Novotny

You can now get unlimited Certificates with as many SAN's and wildcards as you want for $40/yr.  StartCom just got their Root CA into the Microsoft Root CA program -- means it'll work automatically with Vista/Win7 and for XP if they've installed the September Root CA update from Windows Update (which is a high priority update, I think).

www.startssl.com, though I've had trouble logging in with IE but logging in with Firefox works and the generated certificates work flawlessly in IIS 7 and 7.5.
 
Status
Not open for further replies.
Top