Re: help, please, about digital certificates?

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Gary Karasik (gkarasik_at_fea.net)
Date: 02/21/05 

Date: Sun, 20 Feb 2005 22:59:25 -0800

Thanks, Eriq.

Re the requirement that they stick to IE--it's a personality issue. The boss
has a kind of idee fixe about IE. Since it's possible to make the current
configuration work with a digital cert, that's the way he insists on going.

GaryK

"Eriq Neale" <eon@eonconsulting.idonotwantspam.net> wrote in message
news:2005022020325516807%eon@eonconsultingidonotwantspamnet...
> Hey gary. Responses inline...
>
> On 2005-02-20 18:19:56 -0600, "Gary Karasik" <gkarasik@fea.net> said:
>
>> I'm going to switch my client from POP3 to SMTP. Currently their web site
>> and email is hosted. For OWA we connect to the server via their static IP
>> (000.000.000.000/exchange). The digital cert, issued to the static IP, is
>> self-signed.
>>
>> They have Macs that will be using OWA, and they are standardized on IE.
>> The helpful folks here have said that for IE to work with OWA, I must
>> have a 3rd-party digital cert. For the server to have a 3rd-party digital
>> cert it has to have a registered domain name.
>
> Correct. This is a bug/feature of IE for the Mac. It has no way of
> handling self-signed certificates, soit just doesn't. Unfortunately, IE
> for the Mac is a dead product, so this issue will not be fixed. Theadvice
> you have been given is also correct. If you acquire and install a cert
> from a "trusted vendor" then IE will work as you want it to. And, yes, you
> will have to have a registered domain name to get the cert.
>
>> Their domain name (www.domainname.com) is used by/for their hosted web
>> site, and so can't be used as the server's domain name for OWA purposes.
>
> OK. So set up a name other than www for the SBS server, i.e.,
> mail.domainname.com. You can get a cert for that host name name instead of
> www.domainname.com, install it on the SBS box, and your IE on the Mac will
> run happily through OWA.
>
>> So what it seems I have to do is register a new domain name
>> (www.domainname_metro) for the server, then get a 3rd-party digital cert
>> for that new domain name. (BTW, GoDaddy--www.godaddy.com--is offering a
>> basic SSL cert for $29/year.)
>
> you don't have to register a new domain name to get the cert. The cert is
> tied to a specific host name, not a domain name (unless you get one of the
> really, really expensive *.domainname.com certs). No additional costs to
> adding a new host name in your existing domain. you'll just need to work
> with whomever is providing your DNS services to add the new host name,
> point it to the public IP address of the SBS server, re-run teh CEICW to
> use the new public host name, then generate the request for the cert with
> the host name and install it on your server.
>
>> Does that all sound right?
>
> Hopefully this response hashelped clear the air a little.
>
> Now, I'm just a little curious about the mandate that the Macs must run
> IE, especially considering it's a 4 year old program that is not going to
> be developed further. Are they opposed to running Safari (which comes with
> Mac OS X), or Netscape or Firefox, all of which are supporting later web
> features that aren't supported on IE 5 for the Mac? Just professional
> curiosity. I have yet to run into a Mac-aware client that I haven't been
> able to talk out of using IE on the Mac...
>
> HTH...
>
> -Eriq
>
> --
> Eriq Neale - MCSE, MCSA Messaging, MCP Small/Medium Business, Mac Guru
> EON Consulting - www.eonconsulting.net
> Need additional IT insight? E-mail "support at eonconsulting dot net"
>

Relevant Pages

  • Re: Macs work with OWA?
    ... OWA works fine on the Mac, ... Using the self-signed cert from SBS is going to cause some headaches ... Safari uses the Apple cert store in the OS ...
    (microsoft.public.windows.server.sbs)
  • Re: help, please, about digital certificates?
    ... > They have Macs that will be using OWA, and they are standardized on IE. ... > digital cert it has to have a registered domain name. ... This is a bug/feature of IE for the Mac. ... So set up a name other than www for the SBS server, i.e., ...
    (microsoft.public.windows.server.sbs)
  • Re: Macs work with OWA?
    ... cert, will IE install it automatically, or do you install it manually when a ... security dialog announces a cert is needed? ... > OWA works fine on the Mac, ...
    (microsoft.public.windows.server.sbs)
  • RE: mac to ip address tools
    ... Say host A on your net is trying to communicate with host B. Host A ... needs to know the MAC address for host B (or the MAC address for the ... ARP replies are no good for you - those are ... About 100 machines using the same MAC address: ...
    (Pen-Test)
  • Re: Sharing from Mac to PC on LAN
    ... sharing data bases in FileMaker is quick and easy .... ... my connection to the internet is on the Mac and I have ... The privileges for the folder with the databases has been set to no ... The PC is "seeing" the host MAC every time. ...
    (comp.databases.filemaker)