Re: Creating a cert for OWA server?

---

• From: Andy David {MVP} <adavid@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Sun, 01 Jul 2007 11:37:43 -0400

---

On Sun, 1 Jul 2007 16:25:44 +0100, "Gonzo" <no@xxxxxxxx> wrote:

Why is the OWA server bad int he DMZ? It simply chats to the Internal
Exchange? How should it be?

Yea, but you have a domain member in the DMZ. Better to have
reverse-proxy in the DMZ ( Microsoft will tell you to use ISA) that
publishes OWA from the internal network.
Otherwise, I would rather leave OWA behind the internal firewall, but
that's just me.

"Andy David {MVP}" <adavid@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:t6cf83hfn287tpum7cdgedild7cpfp4oob@xxxxxxxxxx

On Sun, 01 Jul 2007 09:46:35 -0400, Andy David {MVP}
<adavid@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

On Sun, 1 Jul 2007 12:03:32 +0100, "Gonzo" <nospam@xxxxxxxxx> wrote:

I have a 2003 OWA server that needs a cert. How can I create a cert for
it
to be https, I do have an internal cert server, but the OWA server is on
a
DMZ. Just don't know where to start?

Anyone else done this before?

In the DMZ, as in not part of the AD domain?

oops. Of course, part of the AD domain. But, still a bad idea.

Not a good idea.
Creating a cert is very easy using the certificate wizard in IIS under
the properties of the default website.
Submit it to a 3rd party certification authority and after they return
it, simply return to the wizard and import it it.

The FQDN of the cert is the name you want people to connect to in DNS.
So, if in DNS, external users connect to https://owa.domain.com, thats
the FQDN you request for the certificate.

I would recommend not using a self-signed certificate for a number of
reasons.

.

---

• Follow-Ups:
  • Re: Creating a cert for OWA server?
    • From: Gonzo

• References:
  • Creating a cert for OWA server?
    • From: Gonzo
  • Re: Creating a cert for OWA server?
    • From: Andy David {MVP}
  • Re: Creating a cert for OWA server?
    • From: Andy David {MVP}
  • Re: Creating a cert for OWA server?
    • From: Gonzo

• Prev by Date: Re: Creating a cert for OWA server?
• Next by Date: Re: Remove Exchange 2007 testing server
• Previous by thread: Re: Creating a cert for OWA server?
• Next by thread: Re: Creating a cert for OWA server?
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Creating a cert for OWA server? ... In the DMZ, as in not part of the AD domain? ... Creating a cert is very easy using the certificate wizard in IIS under ... (microsoft.public.exchange.admin) Re: Creating a cert for OWA server? ... In the DMZ, as in not part of the AD domain? ... Creating a cert is very easy using the certificate wizard in IIS under ... (microsoft.public.exchange.admin) Re: IMAP and SMTP for Exchange 2003 with front end and antispam gateway ... On top of what Bharat said, you will be able to secure IMAP4 using your web ... Infact you will be able to use the same ssl cert to secure POP, IMAP, ... SMTP and OWA. ... the DMZ doesn't accomplish anything. ... (microsoft.public.exchange.design) Re: Creating a cert for OWA server? ... Why is the OWA server bad int he DMZ? ... Creating a cert is very easy using the certificate wizard in IIS under ... (microsoft.public.exchange.admin) Deploying Mobile Information Server 2001 ... What would be the advantage of moving my exchange server to the DMZ ... Do I need to install Queus first? ... certificate for 3 corporately owned devices... ... (microsoft.public.exchange2000.setup.installation)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Exchange  > microsoft.public.exchange.admin  > 2007-07