Re: Firewall & Certificates & Outlook over HTTP

Hi Chris,

You do not need to have a dual nic configuration to use self-signed certificates.

If your cert is signed as 'mydomain.com' and your users are accessing the site as 'server.mydomain.com', there will be a mismatch error displayed in browsers, and Outlook Anywhere won't function correctly (both error due to the cert not matching).

To fix this condition, your self-signed cert should be signed as the FQDN that you have published with your DNS host and should match what your users are entering as the FQDN in their browser - server.mydomain.com. You can change this by re-running the connect-to-internet wizard - be sure to select the option to create a new self-signed certificate during the process. When prompted for certificate name, use the corresponding host name that your users type in to access RWW remotely. After the wizard is done, import the new cert to a client machine. Confirm after adding the certificate to the client that there is no error on accessing your RWW website.

Then test Outlook Anywhere. If accessing Remote Web Workplace did not produce a certificate error, then Outlook Anywhere should function - if it's not working, then look to the instructions that are available inside RWW for configuring your Outlook Anywhere clients: https://server/Remote/loading.aspx?outlook.aspx (fix server name for your install).

Hope that helps,

Jason



"Chris" <microtalk@xxxxxxxxxxx> wrote in message news:efymsxqAIHA.4752@xxxxxxxxxxxxxxxxxxxxxxx
We are having problems getting self signed certificates to work, when we connect to the SBS box with server.domain.com/remote and install the certificate it seems to work OK but when we go to the site again it says there is a mismatch and the users can't get emails using Outlook over HTTP. When I view the certificate it is issued by mydomain.com whereas other successful certificates are issued by server.mydomain.com.

We have a SBS 2003 Standard server and a Windows 2003 Standard server as a Terminal Server with a Netgear firewall router. I have opened the necessary ports on the firewall and used port forwarding to direct the different services to the SBS or Terminal Server systems and everything is working except for the certificates and therefore Outlook over HTTP.

Is it mandatory to use the 2 NIC configuration to use self signed certificates or can I get it to work with the router?

Regards
Chris


.

Relevant Pages

  • Re: Outlook over internet RPC not working
    ... The cert was already in that store, ... same certificate, and then regardless of the configuration on the working ... Checked all Outlook over the Internet settings? ...
    (microsoft.public.windows.server.sbs)
  • Re: Macro sending email how to disable warning?
    ... I'm looking up selfcert stuff for Outlook. ... ' Set app at start of day and uniquely identify Meeting item with *!* to ... self-generated certificate included in Office. ... Each user would have to generate a cert and sign the VBA ...
    (microsoft.public.outlook.program_vba)
  • Re: ADFS Token-signing Certs Not in Trusted Root Store
    ... This is good info, Joe. ... So now I know that the token-signing certificate is ... Get a signing cert from a CA ... case, you never have to worry about expiration or CRL checking, as your cert ...
    (microsoft.public.windows.server.active_directory)
  • Re: Issues with SSL on Win CE 5.0
    ... the HKCU certificate store. ... and tell the web server to use it. ... The old cert was in. ...
    (microsoft.public.windowsce.embedded)
  • Re: How to get Digital Certificate for Outlook 2007?
    ... you can import your cert from Thawte or any other provider; ... Outlook 2007 I don't seem to get the certificate. ... I also created a verisign 60 trial cert which I am going to test out. ...
    (microsoft.public.security)