Ok, so things that will actually break, as this cert is on my exchange server, used to access OWA. We also use it for Activesync with our mobiles:
1) Automation in accessing OWA through browser, but encryption will still happen. 2) Activesync will break, as it cannot cope without automation. Can I temporarily get by this by unchecking the SSL box within Activesync settings on the mobile devices? Joe Heaton -----Original Message----- From: Simon Butler [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2008 11:34 AM To: NT System Admin Issues Subject: RE: SSL cert question If you are using Exchange 2003 and are using Exchange ActiveSync or RPC over HTTPS then those features will fail completely as they cannot cope with the certificate prompt. If the certificate is being used to secure SMTP/POP3/IMAP connections then those will also fail, particularly if it is being used to secure incoming email on TLS/SMTPS. Basically anything that uses SSL transparently will stop working. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/ for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/ -----Original Message----- From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: 16 July 2008 18:40 To: NT System Admin Issues Subject: RE: SSL cert question That's pretty much exactly my question. We have one that expires next week, and since the state doesn't have a budget yet, I'm not allowed to renew it, or even pay $15.00 out of my own pocket to get a GoDaddy cert. So, my boss is asking me if there are security concerns with users accessing through an expired cert, and I just want to be sure one way or the other before giving my "certified" answer... Joe Heaton -----Original Message----- From: Andy Ognenoff [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2008 10:33 AM To: NT System Admin Issues Subject: RE: SSL cert question If you're talking about a cert for a web site, clients requesting it will be notified that the cert is expired and warned that there could be problems with it. To my knowledge, if they accept the risk of accepting an expired cert, the encryption still takes place, same as if they accept a cert from a non-globally recognized CA. - Andy O. ________________________________________ From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2008 12:28 PM To: NT System Admin Issues Subject: SSL cert question If you have an SSL cert, and it expires, what, if any, functionality is lost? Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.0/1555 - Release Date: 7/16/2008 6:43 AM ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.0/1555 - Release Date: 7/16/2008 6:43 AM ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
