RE: SSL on OWA
That's funny, I took the class about 3 years ago and the guy who taught the class, completely bashed Microsoft products, expecially Exchange. The guy wrote a book about e-mail security, I believe his name was Lawrence Hughes. I really got a bad taste from that class. Funny that they went to Exchange right after Microsoft started putting Verisign cert authorities in IE. At that time, they weren't in the browsers list to choose from. Tom -Original Message- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:17 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA They use Exchange. -Original Message- From: Cross, Tom [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 2:39 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA I went to a PKI class in Atlanta with Verisign and they are the most anti-Microsoft, anti-Exchange people I've ever met. Generate your own cert. Tom -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 5:34 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Sounds good. Do you know anyone who works there? -Original Message- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 2:20 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA I recommend Verisign. -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:40 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Why not just gen up your own self-signed cert? John Matteson; Exchange Manager Geac Corporate Infrastructure Systems and Standards (404) 239 - 2981 My toys! My toys! I can't do this job without my toys! -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David - List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
Yep - I believe David is correct here. The only reason that you should need a CA is if you want to create and assign certificates with it. If you already have a cert from Verisign, then when you set up the OWA page with SSL, you should simply be able to use that cert. Ben Winzenz, MCSE Network/Systems Administrator Peregrine Systems -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 10:28 AM To: MS-Exchange Admin Issues Subject: SSL on OWA Hi all, We currently have a cert from verisign to enable ssl for our OWA users. We are in the process of setting up Windows 2000 Certificate Authority on our test network and are stumped with the first option of what to install, enterprise or standalone CA. We don't want to issue certificates to users on the outside, we just want them to establish a secure connection with our OWA server like it is currently configured with the verisign cert. Any insight is appreciated. Thanks. Jonathan Crouthamel - MCSE/CNA Technical Services Supervisor Systems Administrator Datavision-Prologix, Inc. Phone: 215.442.7400 x1150 Email: [EMAIL PROTECTED] *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 10:28 AM To: MS-Exchange Admin Issues Subject: SSL on OWA Hi all, We currently have a cert from verisign to enable ssl for our OWA users. We are in the process of setting up Windows 2000 Certificate Authority on our test network and are stumped with the first option of what to install, enterprise or standalone CA. We don't want to issue certificates to users on the outside, we just want them to establish a secure connection with our OWA server like it is currently configured with the verisign cert. Any insight is appreciated. Thanks. Jonathan Crouthamel - MCSE/CNA Technical Services Supervisor Systems Administrator Datavision-Prologix, Inc. Phone: 215.442.7400 x1150 Email: [EMAIL PROTECTED] *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
Sounds like you might benefit from your own CA then. Isn't there an option to install Enterprise Standalone CA? Been awhile since I did my last install. Do remember also that once you install the cert and assign it to the web page, you will always get that notification window stating that the cert could not be verified to be from a trusted source, or something like that. It will work fine though. Ben Winzenz, MCSE Network/Systems Administrator Peregrine Systems -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 10:28 AM To: MS-Exchange Admin Issues Subject: SSL on OWA Hi all, We currently have a cert from verisign to enable ssl for our OWA users. We are in the process of setting up Windows 2000 Certificate Authority on our test network and are stumped with the first option of what to install, enterprise or standalone CA. We don't want to issue certificates to users on the outside, we just want them to establish a secure connection with our OWA server like it is currently configured with the verisign cert. Any insight is appreciated. Thanks. Jonathan Crouthamel - MCSE/CNA Technical Services Supervisor Systems Administrator Datavision-Prologix, Inc. Phone: 215.442.7400 x1150 Email: [EMAIL PROTECTED] *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
From my reading there seems to be two main ones to choose from. Enterprise and Standalone. The Enterprise is AD aware and can issue certs to machines automatically. I did read somewhere that the standalone CA can be a security risk if installed into AD. Has anybody else heard this? Anyway, getting a little off topic. If I understand this correctly, when one of my users connects to our OWA server they are not requesting a cert, they are just establishing a secure connection...right??? So when white papers state that if you are issuing certs to users outside your organization you should use a standalone CA, this is not applicable to my situation...right :) Jonathan -Original Message- From: Ben Winzenz [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:55 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Sounds like you might benefit from your own CA then. Isn't there an option to install Enterprise Standalone CA? Been awhile since I did my last install. Do remember also that once you install the cert and assign it to the web page, you will always get that notification window stating that the cert could not be verified to be from a trusted source, or something like that. It will work fine though. Ben Winzenz, MCSE Network/Systems Administrator Peregrine Systems -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 10:28 AM To: MS-Exchange Admin Issues Subject: SSL on OWA Hi all, We currently have a cert from verisign to enable ssl for our OWA users. We are in the process of setting up Windows 2000 Certificate Authority on our test network and are stumped with the first option of what to install, enterprise or standalone CA. We don't want to issue certificates to users on the outside, we just want them to establish a secure connection with our OWA server like it is currently configured with the verisign cert. Any insight is appreciated. Thanks. Jonathan Crouthamel - MCSE/CNA Technical Services Supervisor Systems Administrator Datavision-Prologix, Inc. Phone: 215.442.7400 x1150 Email: [EMAIL PROTECTED] *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments
RE: SSL on OWA
Title: RE: SSL on OWA Right, you don't need to set up a CA server to do SSL over OWA. -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 4:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 10:28 AM To: MS-Exchange Admin Issues Subject: SSL on OWA Hi all, We currently have a cert from verisign to enable ssl for our OWA users. We are in the process of setting up Windows 2000 Certificate Authority on our test network and are stumped with the first option of what to install, enterprise or standalone CA. We don't want to issue certificates to users on the outside, we just want them to establish a secure connection with our OWA server like it is currently configured with the verisign cert. Any insight is appreciated. Thanks. Jonathan Crouthamel - MCSE/CNA Technical Services Supervisor Systems Administrator Datavision-Prologix, Inc. Phone: 215.442.7400 x1150 Email: [EMAIL PROTECTED] *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
Why not just gen up your own self-signed cert? John Matteson; Exchange Manager Geac Corporate Infrastructure Systems and Standards (404) 239 - 2981 My toys! My toys! I can't do this job without my toys! *** WARNING: Unencrypted electronic mail is not secure and may not be authentic. If you have any doubts as to the contents of this e-mail, please telephone the Geac representative who appears to be the sender to confirm the validity of this communication . NOTE: This electronic transmission is intended only for those to whom it is addressed. It may contain information that is confidential and/or privileged by law. Any claim to privilege is not waived or lost by reason of mistaken transmission of this information. If you are not the intended recipient, or the employee or agent responsible for delivery to the intended recipient, you must not review, distribute, copy or make any use of this transmission. In such case, please notify the sender by return e-mail and destroy all copies of same. *** -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 10:28 AM To: MS-Exchange Admin Issues Subject: SSL on OWA Hi all, We currently have a cert from verisign to enable ssl for our OWA users. We are in the process of setting up Windows 2000 Certificate Authority on our test network and are stumped with the first option of what to install, enterprise or standalone CA. We don't want to issue certificates to users on the outside, we just want them to establish a secure connection with our OWA server like it is currently configured with the verisign cert. Any insight is appreciated. Thanks. Jonathan Crouthamel - MCSE/CNA Technical Services Supervisor Systems Administrator Datavision-Prologix, Inc. Phone: 215.442.7400 x1150 Email: [EMAIL PROTECTED] *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
The problem is when users contact your server and try and authenticate the signature. If the root server is not in the list of trusted Root CAs then each new session will promt for a warning for unknown CA cert and ask each time to trust it. You can have each user install the root CA as a trusted CA but it's a pain. David -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:40 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Why not just gen up your own self-signed cert? John Matteson; Exchange Manager Geac Corporate Infrastructure Systems and Standards (404) 239 - 2981 My toys! My toys! I can't do this job without my toys! *** WARNING: Unencrypted electronic mail is not secure and may not be authentic. If you have any doubts as to the contents of this e-mail, please telephone the Geac representative who appears to be the sender to confirm the validity of this communication . NOTE: This electronic transmission is intended only for those to whom it is addressed. It may contain information that is confidential and/or privileged by law. Any claim to privilege is not waived or lost by reason of mistaken transmission of this information. If you are not the intended recipient, or the employee or agent responsible for delivery to the intended recipient, you must not review, distribute, copy or make any use of this transmission. In such case, please notify the sender by return e-mail and destroy all copies of same. *** -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 10:28 AM To: MS-Exchange Admin Issues Subject: SSL on OWA Hi all, We currently have a cert from verisign to enable ssl for our OWA users. We are in the process of setting up Windows 2000 Certificate Authority on our test network and are stumped with the first option of what to install, enterprise or standalone CA. We don't want to issue certificates to users on the outside, we just want them to establish a secure connection with our OWA server like it is currently configured with the verisign cert. Any insight is appreciated. Thanks. Jonathan Crouthamel - MCSE/CNA Technical Services Supervisor Systems Administrator Datavision-Prologix, Inc. Phone: 215.442.7400 x1150 Email: [EMAIL PROTECTED] *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter
RE: SSL on OWA
I also read that is recommended that a standalones should be setup outside the network. But if you decide for an Enterprise installation you can also do secure e-mail encryption, logons, smartcards, etc. Nelson -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:21 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA From my reading there seems to be two main ones to choose from. Enterprise and Standalone. The Enterprise is AD aware and can issue certs to machines automatically. I did read somewhere that the standalone CA can be a security risk if installed into AD. Has anybody else heard this? Anyway, getting a little off topic. If I understand this correctly, when one of my users connects to our OWA server they are not requesting a cert, they are just establishing a secure connection...right??? So when white papers state that if you are issuing certs to users outside your organization you should use a standalone CA, this is not applicable to my situation...right :) Jonathan -Original Message- From: Ben Winzenz [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:55 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Sounds like you might benefit from your own CA then. Isn't there an option to install Enterprise Standalone CA? Been awhile since I did my last install. Do remember also that once you install the cert and assign it to the web page, you will always get that notification window stating that the cert could not be verified to be from a trusted source, or something like that. It will work fine though. Ben Winzenz, MCSE Network/Systems Administrator Peregrine Systems -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 10:28 AM To: MS-Exchange Admin Issues Subject: SSL on OWA Hi all, We currently have a cert from verisign to enable ssl for our OWA users. We are in the process of setting up Windows 2000 Certificate Authority on our test network and are stumped with the first option of what to install, enterprise or standalone CA. We don't want to issue certificates to users on the outside, we just want them to establish a secure connection with our OWA server like it is currently configured with the verisign cert. Any insight is appreciated. Thanks. Jonathan Crouthamel - MCSE/CNA Technical Services Supervisor Systems Administrator Datavision-Prologix, Inc. Phone: 215.442.7400 x1150 Email: [EMAIL PROTECTED] *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall
RE: SSL on OWA
I recommend Verisign. -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:40 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Why not just gen up your own self-signed cert? John Matteson; Exchange Manager Geac Corporate Infrastructure Systems and Standards (404) 239 - 2981 My toys! My toys! I can't do this job without my toys! -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David - List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
May I recommend Thawte? -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 5:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 10:28 AM To: MS-Exchange Admin Issues Subject: SSL on OWA Hi all, We currently have a cert from verisign to enable ssl for our OWA users. We are in the process of setting up Windows 2000 Certificate Authority on our test network and are stumped with the first option of what to install, enterprise or standalone CA. We don't want to issue certificates to users on the outside, we just want them to establish a secure connection with our OWA server like it is currently configured with the verisign cert. Any insight is appreciated. Thanks. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
Gee William... Why would you recommend Verisign... :) -Original Message- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 14:20 To: MS-Exchange Admin Issues Subject: RE: SSL on OWA I recommend Verisign. -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:40 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Why not just gen up your own self-signed cert? John Matteson; Exchange Manager Geac Corporate Infrastructure Systems and Standards (404) 239 - 2981 My toys! My toys! I can't do this job without my toys! -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David - List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
I went to a PKI class in Atlanta with Verisign and they are the most anti-Microsoft, anti-Exchange people I've ever met. Generate your own cert. Tom -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 5:34 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Sounds good. Do you know anyone who works there? -Original Message- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 2:20 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA I recommend Verisign. -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:40 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Why not just gen up your own self-signed cert? John Matteson; Exchange Manager Geac Corporate Infrastructure Systems and Standards (404) 239 - 2981 My toys! My toys! I can't do this job without my toys! -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David - List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
OK, if you pay for it...:) -Original Message- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 5:20 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA I recommend Verisign. -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:40 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Why not just gen up your own self-signed cert? John Matteson; Exchange Manager Geac Corporate Infrastructure Systems and Standards (404) 239 - 2981 My toys! My toys! I can't do this job without my toys! -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David - List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
We use thawte. -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 2:34 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Sounds good. Do you know anyone who works there? -Original Message- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 2:20 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA I recommend Verisign. -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:40 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Why not just gen up your own self-signed cert? John Matteson; Exchange Manager Geac Corporate Infrastructure Systems and Standards (404) 239 - 2981 My toys! My toys! I can't do this job without my toys! -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David - List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
FWIW, Entrust has been working fine for the past 2 years here. 1/2 price of VeriSign, if you purchase 2-year contract. -Original Message- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 5:43 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA We use thawte. -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 2:34 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Sounds good. Do you know anyone who works there? -Original Message- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 2:20 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA I recommend Verisign. -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:40 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Why not just gen up your own self-signed cert? John Matteson; Exchange Manager Geac Corporate Infrastructure Systems and Standards (404) 239 - 2981 My toys! My toys! I can't do this job without my toys! -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David - List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
Funny guy... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 4:34 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Gee William... Why would you recommend Verisign... :) -Original Message- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 14:20 To: MS-Exchange Admin Issues Subject: RE: SSL on OWA I recommend Verisign. -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:40 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Why not just gen up your own self-signed cert? John Matteson; Exchange Manager Geac Corporate Infrastructure Systems and Standards (404) 239 - 2981 My toys! My toys! I can't do this job without my toys! -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David - List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
Title: RE: SSL on OWA Someone mentioned thwate - they were just purchased by version but are still cheap - 225 for two years. Jim Zangara, MCSE+I IT Manager Special Projects Engineer Premiere Radio Networks A Division of Clear Channel Communications 15260 Ventura Blvd Suite 500 Sherman Oaks, CA 91403 Direct: (818) 461-8620 mailto:[EMAIL PROTECTED] -Original Message- From: Steve Ens [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 2:46 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Funny guy... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 4:34 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Gee William... Why would you recommend Verisign... :) -Original Message- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 14:20 To: MS-Exchange Admin Issues Subject: RE: SSL on OWA I recommend Verisign. -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:40 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Why not just gen up your own self-signed cert? John Matteson; Exchange Manager Geac Corporate Infrastructure Systems and Standards (404) 239 - 2981 My toys! My toys! I can't do this job without my toys! -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David - List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
They use Exchange. -Original Message- From: Cross, Tom [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 2:39 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA I went to a PKI class in Atlanta with Verisign and they are the most anti-Microsoft, anti-Exchange people I've ever met. Generate your own cert. Tom -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 5:34 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Sounds good. Do you know anyone who works there? -Original Message- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 2:20 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA I recommend Verisign. -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:40 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Why not just gen up your own self-signed cert? John Matteson; Exchange Manager Geac Corporate Infrastructure Systems and Standards (404) 239 - 2981 My toys! My toys! I can't do this job without my toys! -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:36 AM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Our current cert is nearing expiration. Verisign has also opted to up the cost to almost 900 bucks. With aspirations of putting a cert on the workstyle server as well as some secure web sites we are looking to an alternative to verisign. With CA built into windows it seems like a good alternative. Jonathan -Original Message- From: David White [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 5:56 PM To: MS-Exchange Admin Issues Subject: RE: SSL on OWA Not sure you need to set up a CA at all. Just use the cert and you will be fine. David - List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
SSL on OWA
Hi all, We currently have a cert from verisign to enable ssl for our OWA users. We are in the process of setting up Windows 2000 Certificate Authority on our test network and are stumped with the first option of what to install, enterprise or standalone CA. We don't want to issue certificates to users on the outside, we just want them to establish a secure connection with our OWA server like it is currently configured with the verisign cert. Any insight is appreciated. Thanks. Jonathan Crouthamel - MCSE/CNA Technical Services Supervisor Systems Administrator Datavision-Prologix, Inc. Phone: 215.442.7400 x1150 Email: [EMAIL PROTECTED] *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL on OWA
Not sure you need to set up a CA at all. Just use the cert and you will be fine. David -Original Message- From: Crouthamel, Jonathan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 10:28 AM To: MS-Exchange Admin Issues Subject: SSL on OWA Hi all, We currently have a cert from verisign to enable ssl for our OWA users. We are in the process of setting up Windows 2000 Certificate Authority on our test network and are stumped with the first option of what to install, enterprise or standalone CA. We don't want to issue certificates to users on the outside, we just want them to establish a secure connection with our OWA server like it is currently configured with the verisign cert. Any insight is appreciated. Thanks. Jonathan Crouthamel - MCSE/CNA Technical Services Supervisor Systems Administrator Datavision-Prologix, Inc. Phone: 215.442.7400 x1150 Email: [EMAIL PROTECTED] *** CONFIDENTIALITY NOTICE *** Privileged/Confidential Information may be contained in this message and/or its attachments. This message and its attachments are intended only for use by the individual(s) listed as the recipient(s). If you are not one of the intended recipient(s), or responsible for delivery of the message to such person, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this message in error, please notify the sender by return email and destroy all copies of the email. Opinions, conclusions and other information in this message that do not relate to official company business shall be understood as neither given nor endorsed by the company. List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
SSL for OWA?
Does anyone have any advice for implementing SSL on an E2K OWA front-end server? Any gotchas or pitfalls to be aware of? Recommendations on letting the server handle the SSL overhead vs. getting a SSL PCI card or a stand-alone SSL device? Thanks! Jon Bonner List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL for OWA?
I am running ssl on my ex2k box. No problems NOW. If I were you I would download a 14 day trail certificate then let them upgrade it after 14 days. It was a pain to configure the first time around.Don't spend the money until you know you have right. -Original Message- From: Bonner, Jon [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 05, 2002 1:37 PM To: MS-Exchange Admin Issues Subject: SSL for OWA? Does anyone have any advice for implementing SSL on an E2K OWA front-end server? Any gotchas or pitfalls to be aware of? Recommendations on letting the server handle the SSL overhead vs. getting a SSL PCI card or a stand-alone SSL device? Thanks! Jon Bonner List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL and OWA
I don't mind the intrusion, but I would prefer that you continue to post these questions on the list as well. I don't know everything about SSL and OWA, and you may get a better answer there. That being said, I don't think I can fairly answer an If scenario. Either this is the case or it isn't. There are too many factors that come into play. SSL encryption takes more time than non-SSL simply because of the encryption part of it. It will cause delays both locally and remotely. I think it is a safe assumption that those delays aren't always going to be equal locally and remotely. You probably need to look at other factors, including connection speed remotely, available bandwidth to/from internet to the OWA server, distance in hops from said server, etc. etc. etc. Ben Winzenz, MCSE Network/Systems Administrator Peregrine Systems -Original Message- From: Karen Arevalo [mailto:[EMAIL PROTECTED]] Sent: Friday, January 04, 2002 4:53 PM To: [EMAIL PROTECTED] Subject: SSL and OWA I hope I'm not intruding but what do you think the problem would be if... I am using ssl and owa to access my exchange 2k box remotely. It is extremely slow logging in, once logged in the systems run quite fast. I then tried to access the exchange box onsite using owa and it is very fast and that was even with SSL. What do you think would cause the discrepency? I'd appreciate your thoughts. Thanks, Karen -Original Message- From: Benjamin Winzenz [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 19, 2001 11:33 AM To: MS-Exchange Admin Issues Subject: RE: SSL and OWA It's the SSL overhead. It takes a while. Ben Winzenz, MCSE Network/Systems Administrator Peregrine Systems, Inc. -Original Message- From: Jonathan K [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 19, 2001 11:12 AM To: MS-Exchange Admin Issues Subject: SSL and OWA I am using ssl and owa to access my exchange 2k box remotely. It is extremely slow logging in, once logged in the systems run quite fast. I then tried to access the exchange box onsite using owa and it is still very slow. Any thoughts or ideas? Thanks, Jonathan List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
SSL and OWA
Title: Message I am using ssl and owa to access my exchange 2kbox remotely. It is extremely slow logging in, once logged in the systems run quite fast. I then tried to access the exchange box onsite using owa and it is still very slow. Any thoughts or ideas? Thanks, Jonathan List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
RE: SSL and OWA
Title: Message It's the SSL overhead. It takes a while. Ben Winzenz, MCSE Network/Systems Administrator Peregrine Systems, Inc. -Original Message- From: Jonathan K [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 19, 2001 11:12 AM To: MS-Exchange Admin Issues Subject: SSL and OWA I am using ssl and owa to access my exchange 2kbox remotely. It is extremely slow logging in, once logged in the systems run quite fast. I then tried to access the exchange box onsite using owa and it is still very slow. Any thoughts or ideas? Thanks, Jonathan List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm