Both will work. What you get with a third party cert is the assertion that the server to which your clients are connecting is truly part of your domain (i.e. traffic isn't being hijacked to a rogue server in order to steal passwords, etc.)
With a cert from a homegrown server, your users will always get a message when they connect to your OWA server that the cert cannot be verified. The server is effectively saying "give me your password, please. You can trust me because I say I can be trusted. Here's proof that I generated that says I can be trusted." Users can be trained to ignore the cert error. In my opinion it's not as clean of an implementation and the $700 for a third party cert is justified. ********************************* * Erik Sojka, MOS, MCSE * * Asst. VP, Technology Services * * [EMAIL PROTECTED] * ********************************* > > -----Original Message----- > From: Scott Force [mailto:[EMAIL PROTECTED] > Sent: Friday, June 13, 2003 10:32 AM > To: Exchange Discussions > > I've setup OWA (5.5/6a) and I now want to secure it with SSL. > I have a > stand alone 2000 server where IIS and OWA are installed in an NT 4.0 > domain. Do I have to install Certificate Services on the > 2000 server or > can I use one from a third party (ie VeriSign) vendor? > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > ext_mode=&lang=english > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
