Re: Exchange 2007 & SSL certificate by Danie
Danie
Fri Feb 01 01:30:22 CST 2008
BTW, the same applies to E2K7 except for names i.e. FE is CAS and BE is
Mailbox.
"Danie Vink" <vinkad@yahoo.com> wrote in message
news:OP3FFLKZIHA.1168@TK2MSFTNGP02.phx.gbl...
> You don't have to rename the server to FQDN. The FQDN is applicable to
> your web-server (IIS) and not the complete server. It is also the name of
> your web-server that is visible to the Internet. This should be different
> from the actual server name (for some security reasons).
>
> You can use a self-signed cert internally but you have to realized that in
> certain cases your internal users may get a cert notification that the
> cert was signed by an untrusted source. Nothing wrong with that as it is
> still secure but can be annoying to the users.
>
> Point 3 is not required as you will typically use a front-end (W2K3 with
> IIS and E2K3) as your entry point from the Internet. The front-end
> negotiates with the Mailbox (Back-End) server for information required by
> the user.
>
> Browse microsoft.com for more info on Exchange FE/BE deployment.
>
> "Tony WONG" <x34@netvigator.com> wrote in message
> news:eiKKkDJZIHA.4172@TK2MSFTNGP02.phx.gbl...
>> Dear All
>>
>> My Exchange server name is different from FQDN
>>
>> i have bought a SSL certificate with FQDN name
>>
>> i wish to use the cert in OWA, Mobile 6 and Outlook Anywhere.
>>
>> other than buy a multi-name cert, is there any other solution?
>>
>> Question
>> 1. Can i rename the server to FQDN? seem not possible.
>> 2. Can i use self-signed certificate "internally" and use CA certificate
>> at outside by OWA, Mobile 6 and Outlook Anywhere? i cannot afforda all
>> the users see the error popup when outlook start.
>> 3. is it an ultimate solution to set up a new exchange FQDN server?
>> Lots of work to do, involve hundred of workstations, downtime...
>>
>> Thanks a lot.
>>
>> Tony
>>
>
>