I have configured up an internal CA for SSL on my Exchange 2003 rpc over http project. I have gotten everything to work, but I have installed 2 certificates on clients. The first is from the Web server handling the ssl requests (the certificate was generated from the root CA) and the second is the certificate from the root ca server itself. Do I need both for this to work or will just one certificate do the job?