Absotively you should be using SSL for OWA. I was just referring to RPC over https, the use of which for external mail clients might be obviated in Exchange 2010 if the reviews are correct. We're still on 2003, so I wasn't aware of the Exchange 2007 bits.
Thanks, RS On Fri, Sep 4, 2009 at 6:43 PM, Brian Desmond<[email protected]> wrote: > Well it's still required post 2003. > > You shouldn't be doing OWA without SSL anyway. > > Outlook 2007+ and Exchange 2007+ use SSL connectivity even while on the LAN > for certain things - autodiscover, address book download, web services, etc. > > Thanks, > Brian Desmond > [email protected] > > c - 312.731.3132 > > > -----Original Message----- > From: Richard Stovall [mailto:[email protected]] > Sent: Friday, September 04, 2009 4:01 PM > To: NT System Admin Issues > Subject: RE: rpc over https > > The SSL cert must be for whatever address your users will use from the > outside (the inside will work too if you set up a split DNS structure). The > site really depends on how you set it up. Could be the default, or possibly > something else if you customize it. I set ours up 4 or 5 years ago and > haven't touched it since, so I don't really remember how much choice you > have. A quick look at the IIS config on our Exchange server puts it in the > default site. > > One thing about the cert you need to understand. The trusted chain in the > certificate store on your user's machines must go all the way up to the > issuing authority. It doesn't have to be a commercial cert, but the issuing > authority must be trusted. You can even use a self-signed cert, but it must > be installed manually. The easiest way to do this is with IE. > > Once you get this working I think you'll really appreciate the benefits, at > least with Exchange 2003. The folks here rave about 2010's OWA, so maybe it > won't be needed in the future. > > Good luck, > RS > > -----Original Message----- > From: Chris Orovet [mailto:[email protected]] > Sent: Friday, September 04, 2009 4:48 PM > To: NT System Admin Issues > Subject: rpc over https > Importance: High > > Hey Guys and Gals, > Can someone clarify this for me please. Im setting up rpc over https for > some remote users that require access to mail and the contacts. Im finding > conflicting information when setting up the ssl portion. Should the ssl cert > be setup for my exchange internal fqdn or my external address? Also > everything is pointing towards setting this up for my default website. Should > this be setup for the exchange website and not the default? > > I have 1 exchange server: > > Windows 2003 ent sp2 > Exchange 2003 ent sp2- This is my only DC as well(don't ask was made to set > it up this way) If anyone has a link they can shoot me that would clarify > this id appreciate it. > > > Regards, > > Chris Orovet Technical Support > > O: (727)812-0276 Ext. 125 > F: (727)812-0278 > Email: [email protected] > Web: http://www.atsi-inc.com > > > "Whatever relationships you have attracted in your life at this moment, are > precisely the ones you need in your life at this moment. There is a hidden > meaning behind all events, and this hidden meaning is serving your own > evolution." ~Chopra > > Confidentiality Notice: This e-mail message and any attachments are for the > sole use of the intended recipient and may contain proprietary, confidential, > trade secret or privileged information. Any unauthorized review, use, > disclosure, or distribution is prohibited and may be a violation of law. If > you are not the intended recipient or a person responsible for delivering > this message to an intended recipient, please contact the sender by reply > e-mail and destroy all copies of the original message immediately. > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
