I was confusing registered against trusted. On Fri, Jul 18, 2008 at 12:05 AM, Ken Schaefer <[EMAIL PROTECTED]> wrote:
> What do you mean by "no registered certs". You must have a cert on the > IIS server (otherwise you can't use HTTPS), and that cert must be issued by > a trusted root CA for Outlook to accept it (otherwise, Outlook 2007 at > least, displays an error about the cert) > > > > Cheers > > Ken > > > > *From:* Gavin Wilby [mailto:[EMAIL PROTECTED] > *Sent:* Friday, 18 July 2008 4:19 AM > > *To:* NT System Admin Issues > *Subject:* Re: SSL cert question > > > > "or RPC over HTTPS then those features will fail" > > > > Are you entirly sure about that - I only ask cos I have two sbs sites that > use RPC over HTTPS in Outlook and they have *no* registered certs at all, > and the connection still works. > > > > Or is it more of a case of a valid cert expiring that causes the failure. > > On Wed, Jul 16, 2008 at 7:34 PM, Simon Butler <[EMAIL PROTECTED]> wrote: > > If you are using Exchange 2003 and are using Exchange ActiveSync or RPC > over HTTPS then those features will fail completely as they cannot cope with > the certificate prompt. > If the certificate is being used to secure SMTP/POP3/IMAP connections then > those will also fail, particularly if it is being used to secure incoming > email on TLS/SMTPS. > > Basically anything that uses SSL transparently will stop working. > > Simon. > > > > -- > Simon Butler > MVP: Exchange, MCSE > Amset IT Solutions Ltd. > > e: [EMAIL PROTECTED] > w: www.amset.co.uk > w: www.amset.info > > Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? > http://CertificatesForExchange.com/ <http://certificatesforexchange.com/>for > certificates from just $23.99. > Need a domain for your certificate? > http://DomainsForExchange.net/<http://domainsforexchange.net/> > > > > -----Original Message----- > From: Joe Heaton [mailto:[EMAIL PROTECTED] > > Sent: 16 July 2008 18:40 > To: NT System Admin Issues > Subject: RE: SSL cert question > > That's pretty much exactly my question. We have one that expires next > week, and since the state doesn't have a budget yet, I'm not allowed to > renew it, or even pay $15.00 out of my own pocket to get a GoDaddy cert. > So, my boss is asking me if there are security concerns with users > accessing through an expired cert, and I just want to be sure one way or the > other before giving my "certified" answer... > > Joe Heaton > -----Original Message----- > From: Andy Ognenoff [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 16, 2008 10:33 AM > To: NT System Admin Issues > Subject: RE: SSL cert question > > If you're talking about a cert for a web site, clients requesting it will > be > notified that the cert is expired and warned that there could be problems > with it. To my knowledge, if they accept the risk of accepting an expired > cert, the encryption still takes place, same as if they accept a cert from > a > non-globally recognized CA. > > - Andy O. > ________________________________________ > From: Joe Heaton [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 16, 2008 12:28 PM > To: NT System Admin Issues > Subject: SSL cert question > > If you have an SSL cert, and it expires, what, if any, functionality is > lost? > > Joe Heaton > AISA > Employment Training Panel > 1100 J Street, 4th Floor > Sacramento, CA 95814 > (916) 327-5276 > [EMAIL PROTECTED] > > > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > No virus found in this incoming message. > Checked by AVG - http://www.avg.com > Version: 8.0.138 / Virus Database: 270.5.0/1555 - Release Date: 7/16/2008 > 6:43 AM > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
