Joe, All the modern browsers strongly warn against continuing to a website that has a self-signed certificate. However, I believe they also allow the user to permanently accept the self-signed certificate which will block future warnings.
In the case of the soda, you've probably got a different formula. But, as far as I understand how SSL works (which may not be enough), you're getting the same protection and technology across vendors. Regards, Chris. ________________________________ From: Joe Heaton [jhea...@etp.ca.gov] Sent: Tuesday, July 21, 2009 8:45 AM To: MS-Exchange Admin Issues Subject: RE: OWA / SSL question I know about GoDaddy, and recommend it every time any of our 4 SSL certs come up for renewal. But the manager wants to stay with the “industry standard” Verisign. I’m the kind of guy that buys the Shasta colas, or the Sam’s colas, because it’s pretty much the same thing at half the price. I have also looked at generating our own cert, which really makes sense for this purpose, as it’s only internal users that will be accessing OWA. What could they face from home, if I use a homemade cert? Are there browser issues, with certain browsers not liking homemade certs? Joe Heaton Employment Training Panel From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] Sent: Tuesday, July 21, 2009 8:42 AM To: MS-Exchange Admin Issues Subject: RE: OWA / SSL question If your cert expires, users will have to either configure their browsers to allow them to go the site, or click through warning/error messages to get there. I would believe depending on your mobile phone setup those users will have similar problems. Have you looked into generating your own internal certificate? CHEAP: I got 3 year SSL Cert for OWA from GoDaddy.com for $67.47 [cid:image001.jpg@01CA09DF.AA62D040] [cid:image002.jpg@01CA09DF.AA62D040] ________________________________ From: Joe Heaton [mailto:jhea...@etp.ca.gov] Sent: Tuesday, July 21, 2009 11:27 AM To: MS-Exchange Admin Issues Subject: OWA / SSL question Guys, Due to the budget issues here in California, my agency is down to the wire with renewing our SSL cert for Exchange. I’ve already told my manager that we can easily go with one of the cheaper alternatives, and have the same security, but she’s really wanting to stick with Verisign. Due to this, our SSL cert may end up expiring. I’ve told her that the impact would be that I would have to turn off OWA. In addition, wouldn’t our phones be affected? We’re using Activesync on our Windows Mobile devices, and requiring the SSL connection. Would we be able to make a secure SSL connection without the cert? I’m thinking this is possibly a stupid question, but my brain is really fuzzy this morning. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 jhea...@etp.ca.gov
<<inline: image001.jpg>>
<<inline: image002.jpg>>
