|
rishishah -> Use TLS instead of SSL for greater security with OWA/ActiveSync and RPC HTTPS (17.Nov.2007 5:15:49 AM)
|
Use TLS instead of SSL for greater security with OWA/ActiveSync and RPC HTTPS.
This can be done for Exchange 2003 and Exchange 2007 and IE6/IE7, WM5/WM6 and Outlook 2003/2007 will automatically switch to using the more better encryption.
Ideally do this change on your reverse proxy only or if you have a seperate FE (Exchange 2003) or CAS (Exchange 2007). Do not do this on servers hosting mailboxes at all or if you run a single server solution.
On a reverse proxy see if you can force it to use TLS instead of SSL... for ISA 2004/2006 its easy... choose the Use FIPS Encryption (Group Policy Object).
Same applies if you do this on your Seperate FE or CAS server. But i prefer to do it on the reverse proxy than any where else.
Why use SSL when you can implement TLS with such ease.
|
|
|
|