Exchange Server Forums

SSL Certificate

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [Microsoft Exchange 2007] >> Secure Messaging >> SSL Certificate

Page: [1]

Message

<< Older Topic Newer Topic >>

Limited time MSExchange.org offer! -- 1.Sep.2008 1:00:00 PM

TechGenix and SolarWinds have partnered to provide free copies of SolarWinds Exchange Monitor to all visitors who join the MSExchange.org Forums. SolarWinds Exchange Monitor is a handy desktop dashboard that continuously monitors Microsoft Exchange to deliver real-time insight into Exchange services, mail queue sizes, and host server health. Learn more about Exchange Monitor and the free offer!

SSL Certificate - 19.Jan.2009 7:57:39 AM

pannop

Posts: 4
Joined: 19.Jan.2009
Status: offline

I am implementing an Exchange 2007 system which consists of two-node Load-balancing ISA Reverse Proxy Servers, two-node Load-balancing Exchange 2007 Hub/CAS and two-node Exchange 2007 Mailbox Cluster. I would like to use SSL Certificates with OWA, ActiveSync and Outlook Anywhere. How many certificates do I need? Any help will be appreciated.

pannop

Post #: 1

Featured Links*

RE: SSL Certificate - 19.Jan.2009 8:21:44 AM

pjhutch

Posts: 3236
Joined: 21.Jul.2001
From: W Yorks, England
Status: offline

You probably just need to one certitifcate which will be installed on your CAS servers using a common name e.g. mail.mydomain.com. You do not need external SSL for mailbox servers or ISA.

_____________________________

Peter Hutchison MCP
Exchange Administrator
University of Huddersfield

(in reply to pannop)

Post #: 2

RE: SSL Certificate - 19.Jan.2009 8:29:33 AM

Ahmad Ramadan

Posts: 449
Joined: 6.Jul.2008
From: Egypt
Status: offline

you might find this article is informative for you

http://www.msexchange.org/articles_tutorials/exchange-server-2007/mobility-client-access/securing-exchange-2007-client-access-server-3rd-party-san-certificate.html

_____________________________

Ahmad Ramadan AbaYazeed
Senior Systems Projects Engineer

(in reply to pjhutch)

Post #: 3

RE: SSL Certificate - 19.Jan.2009 9:13:39 AM

jitendergupta

Posts: 69
Joined: 24.Dec.2008
Status: offline

Hi,

You need a SAN / UCC certificate which may cost around $80 - $100. The SAN /UCC certificate should include following FQDN's

https://owa.youcompany.com
https://autodiscover.yourcompany.com
https://Internal FQDN of your CAS servers

_____________________________

Jitender Kumar
MCSA, MCTS

(in reply to Ahmad Ramadan)

Post #: 4

RE: SSL Certificate - 19.Jan.2009 9:25:12 AM

pannop

Posts: 4
Joined: 19.Jan.2009
Status: offline

Thank you pjhutch, Ahmad and jitendergupta.

jitendergupta, If I buy only one certificate, not SAN/UCC certificate, what will be the consequences? Please advise.

(in reply to pannop)

Post #: 5

RE: SSL Certificate - 19.Jan.2009 9:26:35 AM

pannop

Posts: 4
Joined: 19.Jan.2009
Status: offline

jitendergupta, If I buy only one certificate, not SAN/UCC certificate, what will be the consequences? Please advise.

(in reply to jitendergupta)

Post #: 6

RE: SSL Certificate - 19.Jan.2009 9:30:20 AM

Ahmad Ramadan

Posts: 449
Joined: 6.Jul.2008
From: Egypt
Status: offline

100$ !!!
tell me what the CA company name????
come on man i have a running project for exchange 2007 and i have to buy a SAN Certificate it costed me around �5,170 for 10 common names

i think it wil be more than 100$

_____________________________

Ahmad Ramadan AbaYazeed
Senior Systems Projects Engineer

(in reply to jitendergupta)

Post #: 7

RE: SSL Certificate - 19.Jan.2009 9:37:07 AM

pannop

Posts: 4
Joined: 19.Jan.2009
Status: offline

Hi,

If I buy only one certificate, not SAN/UCC certificate, what will be the consequences? Please advise.

(in reply to Ahmad Ramadan)

Post #: 8

RE: SSL Certificate - 19.Jan.2009 9:53:19 AM

pjhutch

Posts: 3236
Joined: 21.Jul.2001
From: W Yorks, England
Status: offline

What is SAN/UCC ?

_____________________________

Peter Hutchison MCP
Exchange Administrator
University of Huddersfield

(in reply to pannop)

Post #: 9

RE: SSL Certificate - 19.Jan.2009 10:17:49 AM

jitendergupta

Posts: 69
Joined: 24.Dec.2008
Status: offline

I appologize if i hurt you anyway. I bought a UCC certificate last year for $89 /yr. It has five domain included and the CA is godaddy.

_____________________________

Jitender Kumar
MCSA, MCTS

(in reply to Ahmad Ramadan)

Post #: 10

RE: SSL Certificate - 20.Jan.2009 1:21:13 AM

Ahmad Ramadan

Posts: 449
Joined: 6.Jul.2008
From: Egypt
Status: offline

good to know but tell me mate from who did u buy it?
coz i am contacting versign right now and this is the prise that they gave for 11 common names!!!!

_____________________________

Ahmad Ramadan AbaYazeed
Senior Systems Projects Engineer

(in reply to jitendergupta)

Post #: 11

RE: SSL Certificate - 20.Jan.2009 2:10:52 AM

jitendergupta

Posts: 69
Joined: 24.Dec.2008
Status: offline

check this out

http://www.godaddy.com/gdshop/ssl/ssl.asp?ci=9039

_____________________________

Jitender Kumar
MCSA, MCTS

(in reply to Ahmad Ramadan)

Post #: 12

RE: SSL Certificate - 20.Jan.2009 2:31:32 AM

Ahmad Ramadan

Posts: 449
Joined: 6.Jul.2008
From: Egypt
Status: offline

i check the link
and does it support Exchange 2007??
does it support multiple common name in my case 11 common name??
and why do u think versign is that expensive, do u know???
is it reliable and widley international known certificate??

tell me from your experience what do u think of this certificate..

i am gonna check this out with the project manager and see what we will do

waiting ur reply ASAP

_____________________________

Ahmad Ramadan AbaYazeed
Senior Systems Projects Engineer

(in reply to jitendergupta)

Post #: 13

RE: SSL Certificate - 20.Jan.2009 5:12:03 AM

jitendergupta

Posts: 69
Joined: 24.Dec.2008
Status: offline

Yes it supports exchange 2007, Microsoft office communication server 2007 and supports multiple subject alternative names.

You may check this out http://www.sslshopper.com/certificate-authority-reviews.html

As far as i'm concerned i'm using it for my company in US,PH & India. I'm not facing any issue.

Still certificate from verisign also is not going to cost more than $ 1000 max.
�5,170 is huge.

_____________________________

Jitender Kumar
MCSA, MCTS

(in reply to Ahmad Ramadan)

Post #: 14

RE: SSL Certificate - 20.Jan.2009 6:40:26 AM

Ahmad Ramadan

Posts: 449
Joined: 6.Jul.2008
From: Egypt
Status: offline

no man believe me i just recieved the qutation yesterday from versign for 11 common names it costs �5,170
very WIRED!!

_____________________________

Ahmad Ramadan AbaYazeed
Senior Systems Projects Engineer

(in reply to jitendergupta)

Post #: 15

RE: SSL Certificate - 21.Jan.2009 10:13:08 AM

remjak

Posts: 31
Joined: 16.Dec.2008
From: Norway
Status: offline

If you dont use a SAN/UC(Subject Alternative names/Unified Communincations) certificate you will get more problems than if you sre using the SAN/UCC.

Its more hassle to configure and set up and easier to get into problems.
Also free/busy information might not work for external OA clients.

Remi

(in reply to pannop)

Post #: 16

RE: SSL Certificate - 22.Jan.2009 1:44:07 AM

Ahmad Ramadan

Posts: 449
Joined: 6.Jul.2008
From: Egypt
Status: offline

would you please explain more redaring that
i didnt get ya?

and do u think that this godaddy.com certificate is which type of both certificates u mentioned???

waiting ur reply

_____________________________

Ahmad Ramadan AbaYazeed
Senior Systems Projects Engineer

(in reply to remjak)

Post #: 17

RE: SSL Certificate - 22.Jan.2010 6:50:02 AM