Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

New Exchange server and securing OWA

Status
Not open for further replies.

Duran

IS-IT--Management
Dec 4, 2001
183
GB
Hello,

I am currently running an Exchange 2003 Standard server which runs OWA unsecured. I will shortly be installing another exchange machine, and migrating everything accross to it, and eventually close the old one down. Will I need to transfer the OWA settings from IIS on the old machine to the new one, or can they be deleted/ignored?

Now when I put in the new one, I will want to make the OWA secure, has anybody used a self assigned ticket for this and if so, which one should I pick? And is a self assigned certificate, ok? Also, is it recommended I put the cert directly on the Exchange server, or should it go onto a DC? the OS in my place is Server 2003.

Thank you lots for any replys.

Kind Regards,
D.

I plug you in, dim the lights,
Electric Barbarella !
 
They can be ignored.
Self assigned means you assign it so it would be from your internal CA. This gives a screen every time for every user (well, not strictly true but close enough) that they want to connect.
Get a cert from GoDaddy.net.
The cert needs to be on the Exchange server or the ISA server if you have one that is between Exchange and the Internet.
 
Thank you for your rapid reply Zelandakh, I have but one other question, should I use a Stand alone CA or a Enterprise Root CA, we are running AD if that makes any difference?

Regards,
D

I plug you in, dim the lights,
Electric Barbarella !
 
Use your Enterprise root. You'd have to be running AD otherwise Exchange would be remarkably difficult to use!!
 
Don't run a CA. Get a $20 trusted cert from GoDaddy. Users won't get a prompt, EAS will work, RPC over HTTPS will work. Much easier than running an internal CA for just OWA.

Pat Richard
Microsoft Exchange MVP
 
Oh, I agree with Pat - I was just answering the 2 options rather than offering a third :)
 
Hello,

Thank you for all your responses, I think I will do the GoDaddy option. How come they are so much cheaper that Thawte? $20 seems very cheap.

Regards,
D.

I plug you in, dim the lights,
Electric Barbarella !
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top