Thursday, January 7, 2010

Assigning SSL Certificate for OWA Exchange 2010 Part 1

Goal: Assign SSL certificate for company OWA Exchange 2010 server

Environment:

image

  • Log on to Exchange 2010 via web browser brings up warning as shown below…..

image

Log on to Exchange 2010 Management Console

Server Configuration

  • Right Click on the CAS server
  • New Exchange Certificate

image

  • Enter Friendly name for the certificate ( anything you want this is for you to see and remember what this cert is for)

image

  • In this example we have one domain so wildcard certificate wont apply to here

image

  • Click next

Now Click the arrows to fill out the required information, this part is real nice easy to fallow we will click on Client Access server

image

Let me explain this a little bit so there is no confusion

The internal Domain Name space I use is SMTP25.local and server name is HTS01.SMTP25.Local

image

image

So my users internally can open their browser and type Http://mail.smtp25.local they will get to my exchange server and here how DNS A record internally look like

  • On the local Domain Controller / DNS
  • Open DNS Console
  • New Host A record

image

  • And type the IP address of the CAS server.

image

image

  • Pretty simple internal DNS query will be perform by client Browser will go to Internal DNS server and since we do have A record pointing to CAS server, Client browser will be directed to CAS server.

image

  • go back to Certificate wizard

image

  • I will Click next

image

  • Here is important, I have to pay attention to Common name, The common name is what clients will put into their browser when they are on outside of your network ( Internet) and this record must exist on the Public DNS server.

image

image

image

image

image

  • I created folder on C and give name to Certificate to make me remember what it is in the future

image

image

image

  • Now let’s get the certificate from C drive make right click open, open with notepad

image

image

  • This is end of part one , please read part two to complete the cert process

best,

Oz Casey , Dedeal

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

Http://smtp25.blogspot.com (Blog

Http://telnet25.spaces.live.com (Blog)

Http://telnet25.wordpress.com (Blog)

11 comments:

suvatha said...

It's nice..I got the SSL certificate here http://www.xnynz.com/ It provides hosting,domain name register, domain appraisal, online file folder etc...

Anonymous said...

Currently I cannot find much on assigning via the new Exchange 2010 post, so congratulations to you. I am currently looking to configure my new server to a chain of SSL Certificates I've recently purchased from SSL247.co.uk, so any further articles based on the 2010 server would be greatly received!

Unknown said...

I just got completed the part one and now going to read out the part two, over to EV SSL Certificate, i would be more interested to get information on Code Signing Certificate as well, which both i found to be very useful rather than other types like Essential etc.

Nill Smith said...

I am currently searching to configure my new server to a alternation of SSL Certificates. I've afresh purchased from ClickSSL.com. It provides Wildcard SSL Certificates, Geotrust SSL, Verisign SSL, EV SSL Certificates, CodeSigning SSL & More.

SSL Certificates said...

Currently, I can not find much on the distribution through the new Exchange 2010 post, so congratulations to you. I am trying to configure my new server to an SSL certificate chain.

SSL Certificate said...

It is nice information about to install OWA Exchage 2010 because it is difficult to manage all task step by step. if there some mistake it is may be gone a wrong .Col

Buy SSL certificates said...

SSL certificate is core aspect in concern of web users and web site security. We really glad to be here and read entire article about SSL certificate on Exchange 2010.

WildCard SSL Certificat | EV SSL Certificate

Anonymous said...

Hello

Both part 1 and part 2 are excellent postings. They have screenshots for each step of the way and added explanations where particular care / focus is needed.

Well done and thank you.

Rachel Burr said...
This comment has been removed by the author.
Anonymous said...

Here:
http://smtp25.blogspot.it/2010/01/assigning-ssl-certificate-for-owa_07.html

Frank B. said...

There is a cheaper option than wildcard ssl. For exchange servers, the cheapest solution is to obtain a multi-domain certificate, and issue this for e.g. mail.yourserver.com, autodiscover.yourserver.com and owa.yourserver.com ... Those 3 domains are enough, and this cert is cheaper than a wildcard with most providers ...