You must have made the changes to get the self generated certificate accepted by the clients. Even a self generated certificate will expire one day and that will cause the feature to fail. Personally speaking, I don't bother with self generated certificates for RPC over HTTPS. For the hassle when they expire and generally getting them to work for the sake of saving US$25/year it isn't worth it.
Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/<http://certificatesforexchange.com/> for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/<http://domainsforexchange.net/> ________________________________ From: Gavin Wilby [mailto:[EMAIL PROTECTED] Sent: 17 July 2008 19:19 To: NT System Admin Issues Subject: Re: SSL cert question "or RPC over HTTPS then those features will fail" Are you entirly sure about that - I only ask cos I have two sbs sites that use RPC over HTTPS in Outlook and they have *no* registered certs at all, and the connection still works. Or is it more of a case of a valid cert expiring that causes the failure. On Wed, Jul 16, 2008 at 7:34 PM, Simon Butler <[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>> wrote: If you are using Exchange 2003 and are using Exchange ActiveSync or RPC over HTTPS then those features will fail completely as they cannot cope with the certificate prompt. If the certificate is being used to secure SMTP/POP3/IMAP connections then those will also fail, particularly if it is being used to secure incoming email on TLS/SMTPS. Basically anything that uses SSL transparently will stop working. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]> w: www.amset.co.uk<http://www.amset.co.uk/> w: www.amset.info<http://www.amset.info/> Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/<http://certificatesforexchange.com/> for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/<http://domainsforexchange.net/> -----Original Message----- From: Joe Heaton [mailto:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>] Sent: 16 July 2008 18:40 To: NT System Admin Issues Subject: RE: SSL cert question That's pretty much exactly my question. We have one that expires next week, and since the state doesn't have a budget yet, I'm not allowed to renew it, or even pay $15.00 out of my own pocket to get a GoDaddy cert. So, my boss is asking me if there are security concerns with users accessing through an expired cert, and I just want to be sure one way or the other before giving my "certified" answer... Joe Heaton -----Original Message----- From: Andy Ognenoff [mailto:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>] Sent: Wednesday, July 16, 2008 10:33 AM To: NT System Admin Issues Subject: RE: SSL cert question If you're talking about a cert for a web site, clients requesting it will be notified that the cert is expired and warned that there could be problems with it. To my knowledge, if they accept the risk of accepting an expired cert, the encryption still takes place, same as if they accept a cert from a non-globally recognized CA. - Andy O. ________________________________________ From: Joe Heaton [mailto:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>] Sent: Wednesday, July 16, 2008 12:28 PM To: NT System Admin Issues Subject: SSL cert question If you have an SSL cert, and it expires, what, if any, functionality is lost? Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ No virus found in this incoming message. Checked by AVG - http://www.avg.com<http://www.avg.com/> Version: 8.0.138 / Virus Database: 270.5.0/1555 - Release Date: 7/16/2008 6:43 AM ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
