Untrusted certs kick off cert warnings, and unless the communicating software has a way to say "yes" to an acception, the SSL communication will fail.
If you sign your own cert, and provide it to them, they need to accept it as trusted on the server that is commmunicating. Many people are not going to want to do this for a variety of reasons. Globally trusted certs do not need to be expensive. RapidSSL certs are signed by Equifax and only cost $69 for a single year (with discounts for multiple years). There are even cheaper ones as well. It'sn ot worth the headaches of trying to sign your own cert IMO unless it's strictly for testing/lab/internal use only. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Scharff Sent: Tuesday, December 19, 2006 11:26 AM To: Exchange Discussions Subject: RE: TLS For TLS? WTF... Since your server certificate is only used when they are trying to send mail to you and you've published your Mx records I can't see why it would matter. But, what do I know. > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:bounce- > [EMAIL PROTECTED] On Behalf Of Fyodorov, Andrey > (Citco) > Posted At: Tuesday, December 19, 2006 9:50 AM Posted To: swynk > Conversation: TLS > Subject: RE: TLS > > Internal can be used. But the client will probably want to deal with a > trusted certificate from third party. This was our case. Our client > didn't want to deal with us until we got a cert from Verisign. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Pat > Richard > Sent: Tuesday, December 19, 2006 10:42 AM > To: Exchange Discussions > Subject: TLS > > We've been tasked with setting up TLS between a client and a large > client of theirs. I've been doing some initial research, and was > reading http://msexchangeteam.com/archive/2006/10/04/429090.aspx. It > mentions setting up a certificate. My question is if an internal CA > can be used, > or if it needs to be a trusted cert from a third party. > > Any help is greatly appreciated. > > Pat Richard > BOLD Technologies, Inc. > Phone: 248-457-2000 x11 > Fax: 248-786-0216 > http://www.BoldTechnologies.com/ > [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange > To subscribe: http://e-newsletters.internet.com/discussionlists.html/ > To unsubscribe send a blank email to > [EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > To unsubscribe via postal mail, please contact us at: > Jupitermedia Corp. > Attn: Discussion List Management > 475 Park Avenue South > New York, NY 10016 > > Please include the email address which you have been contacted with. > > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange > To subscribe: http://e-newsletters.internet.com/discussionlists.html/ > To unsubscribe send a blank email to [EMAIL PROTECTED] > dl.sparklist.com > Exchange List admin: [EMAIL PROTECTED] > To unsubscribe via postal mail, please contact us at: > Jupitermedia Corp. > Attn: Discussion List Management > 475 Park Avenue South > New York, NY 10016 > > Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
