Re: OWA SSL naming question
From: Mark Renoden [MSFT] (markreno_at_online.microsoft.com)
Date: 06/01/04
- Previous message: Dwayne: "OWA SSL naming question"
- In reply to: Dwayne: "OWA SSL naming question"
- Next in thread: Dwayne: "Re: OWA SSL naming question"
- Reply: Dwayne: "Re: OWA SSL naming question"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 1 Jun 2004 10:40:36 +1000
Hi Dwayne
I must admit that I haven't actually stepped through this specific scenario
myself so I don't have an answer off the top of my head. I do know that
there is an excellent OWA publishing document ("OWA Publishing
Scenarios.doc") that discusses the certificate/name issue in some detail and
it can be downloaded as part of the Docs.zip FP1 documents file at:
I'm pretty sure that if you've got an internal name space that is different
to your external facing name space and at the same time you are using SSL
externally as well as having ISA communicate with the Exchange Server using
SSL, you'll need two certificates. I think the document I've linked to is
the best resource as it discusses the supportable scenarios and how to
implement them.
Kind regards
-- Mark Renoden [MSFT] Windows Platform Support Team Email: markreno@online.microsoft.com Please note you'll need to strip ".online" from my email address to email me; I'll post a response back to the group. This posting is provided "AS IS" with no warranties, and confers no rights. "Dwayne" <no@no.com> wrote in message news:eXKkuIjREHA.3944@tk2msftngp13.phx.gbl... >I read an excellent article by Tom Shinder on publishing OWA through ISA > using SSL, one part was a little vague to me. I use a different internal > domain name than our email address. We are doing a migration from NT4 to > 2003 so I have spent most of my time testing migration of users, > computers, > printers, etc. It will be a whole new domain and the testing has gone > well. > We bought a hardware firewall that was too limited for the execs as far as > web reporting usage so they went with ISA for web and are keeping the > hardware just for email as it does Anti-virus checking and spent too much > money on it just to scrap. I set up the ISA 2000 and have put FP1 and SP2 > on it. It is not part of a domain and currently users are just using > anonymous access. When we go to the new server with Exchange 2003 will > the new ISA then have to join that domain or at least a domain of it's > own? > I assume it should join our new domain. If our new domain is named > newdomain.local, for instance, but our email address is @ourcompany.com > then > how will the naming be for OWA and the SSL? In the article it said the > certificate name must be the same as the users domain and the web address > has to be the same as the users domain. From that article it makes it > sound > like we would have to use whatever comes after the @ in our email address > for our domain name. By what I have read it is usually a better idea from > a > security standpoint not to name the internal the same as the internet > name. > I don't explain things too well but hopefully you get the jist. Thanks > for > and help anyone can give me. > > Dwayne > >
- Previous message: Dwayne: "OWA SSL naming question"
- In reply to: Dwayne: "OWA SSL naming question"
- Next in thread: Dwayne: "Re: OWA SSL naming question"
- Reply: Dwayne: "Re: OWA SSL naming question"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
