Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Very secure with cert

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2003] >> Server Security >> Very secure with cert Page: [1]
Login
Message << Older Topic   Newer Topic >>
Limited time MSExchange.org offer! -- 1.Sep.2008 1:00:00 PM
TechGenix and SolarWinds have partnered to provide free copies of SolarWinds Exchange Monitor to all visitors who join the MSExchange.org Forums. SolarWinds Exchange Monitor is a handy desktop dashboard that continuously monitors Microsoft Exchange to deliver real-time insight into Exchange services, mail queue sizes, and host server health. Learn more about Exchange Monitor and the free offer!
Very secure with cert - 21.May2008 10:37:25 PM   
jimebilly

 

Posts: 1
Joined: 21.May2008
Status: offline 		I have a client that would like to use owa and windows mobile in a controlled environment.  Basically they would need to manually install a certificate on the client side to allow connections from only their machines.  I am being kind of vague but i am not sure what this would be called...

Instead of installing the cert automatically when they go to https://**** they would have to manually install it (from floppy or usb) ahead of time.  How is this scenario acheived?

Thanks
Post #: 1
RE: Very secure with cert - 22.May2008 6:01:56 PM   
Sembee

 

Posts: 3574
Joined: 17.Jan.2008
From: Somewhere near London, UK
Status: offline 		You are looking at two methods.
1. A self generated certificate that needs to be installed.
2. A client certificate.

However I wouldn't recommend either.

Anything but commercial SSL certificates on a Windows Mobile device is a pain, and the hassle makes it uneconomic.
For OWA I wouldn't even consider anything but a commercial certificate as the users will get a certificate prompt that I consider a security risk.

Users will work around anything that you do. If you try and restrict the certificate then the users will work around that - if you allow access to the web service from the internet. You need to secure the connection.

If they want to control access then you need to be looking at OWA, particularly if you want to allow free access internally.
Otherwise what I would suggest is that OWA etc is disabled on all users who don't need access.

Trying to restrict the user to specific machines is not that straight forward, particularly connecting over the internet.

Simon.

_____________________________

Simon Butler,
Exchange MVP
Blog: http://www.sembee.co.uk/
Web: http://www.amset.info/
In the UK? Hire me: http://www.amset.co.uk/

(in reply to jimebilly)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2003] >> Server Security >> Very secure with cert Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts