Re: SSl on FE Exchange
- From: "Bharat Suneja" <bharatsuneja@xxxxxxxxxxx>
- Date: Thu, 1 Dec 2005 12:10:34 -0800
Recommend buying a cert from a commercial CA for production FE boxes -
there are many low-cost CAs out there trusted by Windows/IE. For the price
these CAs sell certs for its not worth the time and effort involved in
setting up an internal CA - if issuing a SSL cert to your OWA FE is the only
reason you're doing it.
Should you need to set up an inhouse CA, you neither need nor should locate
it on a DMZ. You can generate a cert req from your DMZ FE box and transfer
the cert req file to your internal CA, then issue cert, and transfer the
cert using any media or method to the server in DMZ.
Users would need to be able to access the CRL which can be published at an
accessible location in your dmz, including public web servers.
--
Bharat Suneja
MCSE, MCT
www.zenprise.com
blog: www.suneja.com/blog
-----------------------------------------
"Lion" <Lion@xxxxxxxxxx> wrote in message
news:u0eOXwq9FHA.4036@xxxxxxxxxxxxxxxxxxxxxxx
> Can I setup my FE Exchange to issue SSL certificates to it's self or do I
> need another server in my DMZ to do this job.
>
> Thanks.
>
.
- References:
- SSl on FE Exchange
- From: Lion
- SSl on FE Exchange
- Prev by Date: SSl on FE Exchange
- Next by Date: FBA on FE not showing.
- Previous by thread: SSl on FE Exchange
- Next by thread: FBA on FE not showing.
- Index(es):
Relevant Pages
|
