Certificates
Hi all need to confirm some details on certificates. Exchange 2007 CCR, Exchange 2007 Hub and Exchange 2007 CAS The CAS server and HUB server have self assigned certificates installed. The CAS server also has a 3rd party certificate installed for IIS POP IMAP etc. 1. Do I need to renew the self assigned certificates on the CAS box even if there is a third party certificate installed? 2.I presume that i have to renew the HT self assigned. 3. The mailbox CCR server does not have self assigned certificates or is it the case it should 4. Outlook 2003 clients - how does the TLS work when they connect to the CCR cluster with no certificate installed? Thanks
May 27th, 2010 10:09am

Hello TheMadferret, Simple you have to create a Self sign for SMTP on the HUB transport server. New-ExchangeCertificate -DomainName <fqdn eg. Server.domain.com> -Services SMTP It will fix the problem.MicroSoft Exchange Admin. & Connector EXCHANGE2010, MCSE, MCTS, MCSA MESSAGING, CCNA & GNIIT
Free Windows Admin Tool Kit Click here and download it now
May 27th, 2010 1:57pm

1. Do I need to renew the self assigned certificates on the CAS box even if there is a third party certificate installed? Renewal of the selfsigned cert is required to be done within 1 yr from the date of creation for pre Sp2 exchange 2007 and within 5 yrs for post sp2 exchange 2007 See the link below http://technet.microsoft.com/en-us/library/bb851554(EXCHG.80).aspx 2.I presume that i have to renew the HT self assigned. Refer the link above 3. The mailbox CCR server does not have self assigned certificates or is it the case it should A self-signed certificate is installed on every Exchange 2007 server role except for the Mailbox server role. 4. Outlook 2003 clients - how does the TLS work when they connect to the CCR cluster with no certificate installed? I believe TLS is a way to secure SMTP message flow between Exchange Servers in different Exchange organizations ….Are you talking about OLK anywhere(RPC over HTTP) or OLK MAPI?
May 27th, 2010 2:31pm

Thanks for the update guys, makes sense, regards to outlook after i thought about it the client has the option to encrypt connections to exchange...
Free Windows Admin Tool Kit Click here and download it now
May 27th, 2010 2:45pm

The CAS and HUB are on the same server? If so, simply assign SMTP to the 3rd party cert.
May 27th, 2010 2:55pm

Hi they are on separate servers.
Free Windows Admin Tool Kit Click here and download it now
May 28th, 2010 12:15pm

Hi, That is RPC encrpytion for the Outlook not the TLS. Thanks Allen
May 31st, 2010 9:01am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics