Re: CA LOCATION
Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance
Date: Sat, 19 Feb 2005 16:55:22 -0800
The best place to place your CA in on the machine that is doing Port 80
requests. This is just from practical experience.
The CRL distribution point is that is created points to a port 80 URL for
example: http://servername.domainname.com/CertEnroll/domainname.com.cr
You cert will have an hierarchical type layout
Root Certificate
Issued Certificate
Your OWA clients will want to install the Root Certificate, this way the
issued certificate is recognized properly.
Another thing you will have to do, is publish a Host record for your Cert
Server, that way it can get resolved properly.
Hope this helps.
OKuma
"Donavan" <Donavan@discussions.microsoft.com> wrote in message
news:01E37217-4928-48A3-947E-D818432E1400@microsoft.com...
> Hi all,
>
> I want to use ms cert. services to generate my ssl certificate for
> owa
> in exch2k3, where is prefered location for cert. services, on the exch.
> server or on the dc, or does it matter at all.
>
> Thanks in advance
>
> Donavan
Relevant Pages
- Re: SBS 2003 and Outlook RPC over HTTP issues
... Your cert is barfing due to the fact that the names do not match. ... some weird certificate error now though...if you want to see it ... As pointed out by others, port 80 does NOT need to be open, and yes, ... record pointing that to your SBS, and you have port 443 open and ...
(microsoft.public.windows.server.sbs) - Re: Web Certificate for IIS Server on SBS Domain
... Before your reply, I actually ran across rapidssl myself, and have ordered and installed the free 30-day certificate on my site. ... I explained what you'd told me about putting my existing configuration at risk by installing Cert Services, and he said he didn't know that. ... Again, if you're just needing a cert to install on your web server to provide SSL connectivity for remote users, go with an external third-party provider. ... When you add Certificate Services on an internal network, lots of internal communications will start using pieces provided by the Cert Server instead of the defaults from Server 2003, and when things blow up, they can blow up gloriously. ...
(microsoft.public.windows.server.sbs) - Re: Activesync between Windows Mobile 5 and SBS2003 gives error
... If you don't find a cert here that matches the URL for OWA, you need to re-run the CEICW wizard on the SBS box and re-create the self signed cert. ... I exported the certificate straight from the server. ... Treo 700wx running Windows Mobile 5. ...
(microsoft.public.windows.server.sbs) - Re: Not able to connect to SBS using both domain mane or IP remote
... >>> connection using SBS. ... >>> Certificate but it's still not working. ... >>> but not to the server or any of the services. ... >> Your server is answering on port 25, ...
(microsoft.public.windows.server.sbs) - Re: Terminal Services over a VPN
... Create a certificate request and submit it to godaddy in order to obtain a public cert. ... You can use the wizard in IIS Manager for this by creating a new website that matches the above name (on your TS server), right-click and choose properties, directory security tab, server certificate button. ... After the install you can stop or delete the website created above since you don't need it for anything. ...
(microsoft.public.windows.terminal_services) |
|
